The HIPAA Privacy Rule was first proposed in 1999. Over the decades, it has seen a number of modifications as the interests of patients have evolved over time.
With the COVID-19 pandemic, HIPAA has faced new challenges due to the sometimes conflicting need to protect public health while also protecting the privacy of individual patients.
Often, healthcare providers are caught between maintaining legal standards and providing patients with the best care possible. Sometimes, their choices impact the greater good as well when the public may be at risk of exposure to a viral illness like COVID.
In these times, it is often valuable to go back to the primary source and reconnect with the wording and intent of laws like the HIPAA Privacy Rule rather than make potentially life-altering choices based on hearsay or social convention.
What Is the HIPAA Privacy Rule?
The HIPAA Privacy Rule protects the confidentiality of all medical records and health information that is individually identifiable. Essentially, the rule limits the use of these records without the consent of the patient, but it also requires the provision of access to all healthcare and medical records for the patient along with the ability of that patient to transmit those documents to a third party and to request corrections if appropriate.
Does COVID Impact the HIPAA Privacy Rule?
COVID does not necessarily change the protections provided by HIPAA because there are already provisions within HIPAA that allow for the sharing of medical information, including identification information, under certain circumstances.
Under HIPAA, the name and other identifying information of a patient who is diagnosed with COVID may be shared by the provider with law enforcement, first responders, and/or public health agencies without patient consent when the following is true:
- It is necessary to provide treatment.
- Notification is required by law.
- Notification is required to prevent or control the spread of the illness.
- First responders or other medical professionals may be at risk of exposure to the illness.
- The individual is in custody of law enforcement or a correctional institution.
Essentially, if the care and treatment of the patient, protection of medical providers who are providing treatment to that patient, or the well-being of public health is at risk due to a patient’s diagnosis with any infection or disease, including COVID, sharing of personal information may legally be done by medical providers.
How Can Medical Providers Ensure HIPAA Compliance & Protection From Related Litigation?
Unfortunately, many patients do not understand the nature of HIPAA and/or its intent and bring lawsuits against medical providers who they feel have violated their rights by sharing their COVID diagnosis. If you are facing such litigation and would like help, Florida Healthcare Law Firm can assist you. Call now for a consultation.