Online Store   |   Advertising   |   Print Page   |   Contact Us   |   Report Abuse   |   Sign In   |   Join
Risk Management
Share |
Congressional Hearings on HIPAA


HIPAA Examined By Congressional Committee

The House Energy and Commerce Subcommittee on Oversight and Investigations, chaired by Rep. Tim Murphy of Pennsylvania, has held several hearings on the nation’s mental health system, recently focusing on the Health Insurance Portability and Accountability Act (HIPAA) and how its application can help or hinder patient care and public safety. Members of Congress and others have expressed concern that the HIPAA “Privacy Rule” may interfere with the timely and continuous flow of health information between healthcare providers, patients, and families, thereby impeding patient care, and in some cases, public safety. These hearings are in large part an outgrowth of the shootings at Newtown, Connecticut, elementary school.

Written by attorney Richard S. Leslie, JD, who describes himself as working “at the intersection of law and psychotherapy,” Risk Management items address ways that mental health counselors can avoid liability. The topic of this month’s
Risk Management is congressional hearings
on HIPAA. Items are drawn from CPH's
Avoiding Liability Bulletin

One of the concerns expressed by one or more members of the Subcommittee was that covered entities (including individual mental health providers) were so concerned about privacy and confidentiality, and so afraid that the federal government may come after them for an alleged violation, that they tended to not share information with others under circumstances where they are in fact allowed to do so—just to act on the cautious side. Connected to this concern was the question of what HIPAA allows with respect to healthcare providers communicating with family members or other relatives of the patient, close friends, or parents. The testimony around this issue confirmed that HIPAA allows providers to communicate with such interested persons, but only in a limited way and under limited circumstances. Reference to the applicable section of the federal regulations was made—that is, 45 CFR 164.510.

Another concern involved the dangerous patient issue. One of the witnesses who testified at the hearing was Leon Rodriguez, director of the Office for Civil Rights (OCR)—the enforcement arm of the U.S. Department of Health and Human Services (HHS). Director Rodriguez testified, among other things, that the “Privacy Rule” allows healthcare providers to warn or alert law enforcement, family members of the patient, or any other persons who may reasonably be able to prevent or lessen the risk of harm when the provider in good faith believes that a warning or report is necessary to prevent threatened harm from the patient. Essentially, the director stated that HIPAA allows disclosures in dangerous-patient situations (danger to self or others), but that providers must act consistent with the requirements or authorizations of state law and the ethical standards of the particular profession. His testimony in this regard was intended to convince the Subcommittee that HIPAA does not impede public safety.

Of the most interest to me was the testimony that indicated that there may be some who believe that the HIPAA regulations do not go far enough when it comes to the dangerous-patient scenarios I have often written about. The position expressed was that the HIPAA regulations were permissive only, and were too deferential to state law and applicable professional ethical standards. What therefore remains is a hodge-podge of widely varying state laws that take different positions as to whether or not there is a duty to protect a third party, and whether or not certain disclosures must be made to law enforcement or intended victims or others under circumstances where a patient threatens violence. 

There appears to be some interest in exploring whether or not it would be appropriate and effective to promulgate a national and uniform standard that would not only allow a psychotherapist to break confidentiality, but would establish a duty to protect third parties (intended victims) when a patient threatens imminent physical violence. I don’t see anything happening in the near future, although the 
idea is interesting and worthy of debate.

Copyright 2013 by CPH and Associates, from the June 2013 Avoiding Liability Bulletin. Used with permission.

Legal Questions? Take Advantage of FREE "Avoiding Liability Helpline"

The Avoiding Liability Helpline provides CPH and Associates policyholders with up to two free hours of consultation with an attorney per policy period for legal questions related to an existing situation with a client that is not otherwise covered under the policy benefits. The purpose of this helpline is to reduce your liability exposure in a situation that could potentially lead to a claim or complaint against your license.

Policyholders can speak with attorneys knowledgeable about areas of practice such as confidentiality, child abuse reporting requirements, patient access to records, dangerous patients, dual relationships, and other topics crucial to their practices.

Policyholders who call CPH’s Avoiding Liability Helpline (1-800-875-1911) will be given an appointment time to call an attorney directly. CPH business hours are 8:30 a.m. to 5 p.m. on Monday and Friday; 8:30 a.m. to 9 p.m. on Tuesday, Wednesday, and Thursday; and 10 a.m. to 5 p.m. on Saturday, Central Time.