HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things

Even with HIPAA having been in effect for approximately 20 years, covered entities still have trouble with the complicated disclosure rules under its Privacy Rule. And one can face serious consequences for not making a proper disclosure, like the $4.3 million a leading Healthcare firm suffered or the federal prosecution a psychologist faced more making an improper disclosure. And failure to make a proper disclosure can be life-threatening.

The 90-minute webinar on "HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things" will focus on the main problem disclosures:

• to the patient/client.
• to family members. Who qualifies as a family member? Guardianship rules. Parents and minors.
• to the media.
• to clergy.
• to law enforcement. To locate a suspect or missing person. For crime on the premises.
• to those able to prevent a serious and imminent threat to self or others. Law enforcement, medical professionals, family members, counselors, clergy.

Each of these categories has specific criteria that must be met before making the disclosure. The webinar will explain those criteria in understandable words and provide a methodology for deciding whether a particular disclosure is proper.

Some HIPAA issues arise infrequently or not at all. For example, if you do not conduct research, you don’t have to worry about what disclosures one can make of research data. Others, however, arise often, perhaps daily in large organizations, such as giving patients copies of their charts, giving family members access to Protected Health Information (PHI), dealing with the Press, and others. And most of the time one will not have the time to do a lot of research as to whether the disclosure is permissible or get a legal opinion.

         All key personnel should at least be familiar enough with the possible grounds for disclosure to recognize, “Oh, this person claims to be a family member, but I don’t know him. Do I have to verify his identity? Can I give him access to the chart?” Having disclosure policies and worksheets, like the samples provided, are an absolute necessity to avoid a sanction for breach of confidentiality or for failure to disclose that results in harm. Attendees will not only become familiar with the grounds for disclosure but also learn a methodology for making the disclosure to protect themselves, the facility, and the patient/client.

Understanding the criteria for the problematic disclosures covered in the webinar is key for providers and other covered entities to function safely, effectively, and legally. One never knows when one of these situations may arise. The 90-minute webinar on "HIPAA Privacy Rule Disclosure Misconceptions 2018 and 2019 HIPAA Update: Rule changes, New risks, and the Internet of Things" will answer questions like what do you do when:

• Someone you don’t know comes in and says that he is your patient’s father and wants a copy of the chart and you know that the parents are divorced.
• A parent wants to see the chart and has expressed that her daughter “will feel it on her behind end” if she’s on birth control pills.
• The patient was a victim of a mass shooting and the Press wants to know her status.
• A pastor wants to see the patient who has told you he is an atheist.
• A police officer asks whether an individual is your patient and is he in the facility.
• A relative wants to know whether the accident victim patient is alive?
• A mental health client wants to see the raw data of a psychological test.

Attendees will be provided a sample disclosure to law enforcement policy, a sample worksheet to determine whether a situation can or must be reported as being a serious and imminent threat, and a sanitized (to protect client confidentiality) and successful legal opinion provided to an Office for Civil Rights investigation demonstrating that a disclosure was not improper.

This webcast will be of a valuable assistance to the below audience.

• Security Officers
• Compliance Officers
• Nurses
• Healthcare Attorneys
• Health Information Management Professionals
• Medical Records Directors
• Security Personnel
• Basically, anyone who comes in contact with patients