Call: (407) 331-6620 or (850) 439-1001
Toll-free: (888) 331-6620
Menu
Call: (407) 331-6620 or (850) 439-1001
Toll-free: (888) 331-6620
By Michael L. Smith, J.D., R.R.T.
(February 4, 2013) – The rash of mass shootings over the last few months prompted the Department of Health and Human Services Office of Civil Rights (OCR) to send a message to all healthcare providers. In that message, the OCR Director reminded all healthcare providers that the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule does not prohibit healthcare providers from disclosing information about a patient when the patient poses a serious danger to himself or other people.
All healthcare providers know that the HIPAA regulations protect the privacy of health information. Healthcare providers also know they can use and disclose that health information for the purposes of treatment, payment and operations (TPO). However, not all healthcare providers know the circumstances when they may and should share information about their patients, without the patient’s consent, in order to prevent or lessen the risk of harm.
The HIPAA regulations allow a healthcare provider to disclose information about a patient without authorization from the patient and without providing the patient an opportunity to agree or object to the disclosure when the disclosure is made to prevent or lessen the risk of harm. The healthcare provider making the disclosure must have a good faith belief that the disclosure is necessary to prevent or lessen a serious or imminent threat to the health or safety of a person or the public. The disclosure must be made to a person that is reasonably able to prevent or lessen the threat.
The HIPAA regulations also allow a healthcare provider to disclose information about their patient without authorization from the patient and without providing the patient an opportunity to agree or object to the disclosure when the information is necessary for law enforcement officials to identify and apprehend an individual. The disclosure must be based upon a statement by the patient admitting participation in a violent crime that the healthcare provider reasonably believed caused serious harm, or where it appears the individual has escaped from lawful custody or a correctional institution.
For each type of disclosure, the healthcare provider must have a good faith belief that the disclosure is necessary to prevent or lessen a serious threat. A healthcare provider is presumed to be acting in good faith when that healthcare provider has actual knowledge of the facts, or the healthcare provider is relying upon credible information provided by a person that is knowledgeable about the facts.
In most cases the disclosure will be to law enforcement. The disclosure may also be made to the intended victim of the threat depending on the information known to the healthcare provider.
The healthcare provider cannot disclose all the protected health information of the individual that poses a threat. The information disclosed under these provisions must be limited to the information necessary for law enforcement officials to identify or apprehend an individual. Basically, the information that may be disclosed is limited to the individual’s name, date and place of birth, social security number, blood type, injuries, treatment dates and a description of any distinguishing physical characteristics.
A healthcare provider may not disclose confidential information under this HIPAA regulation if the healthcare provider learned the information in the course of treatment to affect the propensity to commit the criminal conduct that is the basis for the disclosure, or if the information is learned through a request by the individual to initiate treatment to affect the propensity to commit the criminal conduct. Unfortunately, it may be difficult to determine when a patient crosses the line between seeking treatment to affect a propensity to commit a criminal act and becoming a serious and imminent threat to the health or safety of a person or the public. Fortunately, the majority of healthcare providers and facilities faced with these situations have policies and procedures on when, how and most importantly by whom these unauthorized disclosures are made. Healthcare providers should notify the appropriate individuals in their institutions when they have knowledge that one of their patients poses a serious or imminent threat to the health and safety of a person or the public.
All heathcare providers should remember, the HIPAA regulations do not prohibit healthcare providers from sharing confidential information with appropriate authorities when the disclosure is necessary to prevent or lessen the risk of harm to individuals or the general public. A healthcare provider may disclose information without the patient’s consent if the disclosure is necessary to prevent or lessen a serious or imminent threat to the health or safety of a person or the public.
Michael L. Smith, JD, RRT is board certified in health law by The Florida Bar and practices at The Health Law Firm in Altamonte Springs, Fla. This article is for general information only and is not a substitute for formal legal advice.
This article was originally published in Advance for Respiratory Care and Sleep Medicine.
Main Office • 1101 Douglas Avenue, Suite 1000, Altamonte Springs, FL, 32714
By Appointment • 37 N. Orange Ave., Suite 500, Orlando, FL 32801
By Appointment • 201 E. Government St., Pensacola, FL 32502 Telephone: (407) 331-6620(850) 439-1001 Telefax: (407) 331-3030
Medicare/Medicaid Audits, Health Care Law, Contracts, Hospital Privileges Hearings, Investigations, DEA Defense, Board of Medicine Defense, Fraud Defense, Administrative Hearings, PRN, IPN, Professional Licensing, Medicare/Medicaid Fraud Defense, Nursing Law, Compliance Plans, Hospital Law, Board of Dentistry, Board of Nursing, Board of Pharmacy, Board of Psychology, White Collar Crime, Pain Management and Pain Medicine Physician Defense, Pain Management Clinic Defense, Zone Program Integrity Contractor (ZPIC) Audit Defense, Recovery Audit Contractor (RAC) Audit Defense, Medicaid Fraud Control Unit (MFCU) Defense, Search Warrant and Subpoena Defense, Board of Psychology Defense, NBME Representation, U.S.M.L.E. Challenges, ABIM Representation, Medical Exam Cheating Defense…and more
Available in the following Florida cities and counties: Daytona Beach, Fort Lauderdale, Gainesville, Jacksonville, Key West, Melbourne, Miami, Ocala, Orlando, Pensacola, Panama City, Sarasota, St. Petersburg, Tallahassee, Tampa, West Palm Beach, Alachua, Baker, Bay, Bradford, Brevard, Broward, Calhoun, Charlotte, Citrus, Clay, Collier, Columbia, Dade, De Soto, Dixie, Duval, Escambia, Flagler, Franklin, Gadsden, Gilchrist, Glades, Gulf, Hamilton, Hardee, Hendry, Hernando, Highlands, Hillsborough, Holmes, Indian River, Jackson, Jefferson, Lafayette, Lake, Lee, Leon, Levy, Liberty, Madison, Manatee, Marion, Martin, Monroe, Nassau, Okaloosa, Okeechobee, Orange, Osceloa, Palm Beach, Pasco, Pinellas, Polk, Putnam, St. Johns, St. Lucie, Santa Rosa, Sarasota, Seminole, Sumter, Suwannee, Taylor, Union, Volusia, Wakulla, Walton, and Washington
By making this website information available for those who access it does not constitute doing business in or having a presence in any state or jurisdiction, nor does it constitute an advertisement sent to or a solicitation made in any state or jurisdiction. This firm is located in and maintains a presence in only those states where the firm maintains an actual physical office. Its attorneys are only admitted to practice in those states specifically listed on their resumes.
Available in the following states*: Alabama, Alaska, Arizona, Arkansas, Connecticut, Delaware, Florida, Georgia, Hawaii, Idaho, Illinois, Indiana, Iowa, Kansas, Kentucky, Louisiana, Maine, Maryland, Massachusetts, Michigan, Minnesota, Mississippi, Missouri, Montana, Nebraska, Nevada, New Hampshire, New Jersey, New Mexico, New York, North Carolina, North Dakota, Ohio, Oklahoma, Oregon, Pennsylvania, Rhode Island, South Carolina, South Dakota, Tennessee, Texas, Utah, Vermont, Washington, West Virginia, Wisconsin, and Wyoming
Disclaimer | Terms of Representation
The Health Law Firm logo shown above is a registered Service Mark of George F. Indest III, P.A. – The Health Law Firm, since 2007.
“The Health Law Firm” is a registered fictitious business name of and a registered service mark of The Health Law Firm, P.A., a Florida professional service corporation, since 1999. Copyright © 2024 The Health Law Firm. All rights reserved.