HIPAA HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT PROCEDURAL
HIPAA HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT PROCEDURAL COVERED ENTITIES
PROTECTED HEALTH INFORMATION Individually identifiable health information Transmitted or maintained in any form or medium by a Covered Entity or its Business Associate
BREACH OF FIDUCIARY DUTY Trust relationship for confidentiality Lawyers can be sued for breach of fiduciary duty Health care providers are turning on lawyers as agents
PENALTIES CRIMINAL $50, 000 and/or 1 year in prison/violation CIVIL $100 up to $1. 5 million/violation Imposition of violation depends on several factors Action taken by covered entity after a violation occurs
Covered Entities Health Care Provider A Health Plan This includes providers such as: This includes: • Doctors • Health insurance companies • Clinics • HMOs • Psychologists • Company health plans • Dentists • Government programs that pay for • Chiropractors • Nursing Homes • Pharmacies health care, such as Medicare, Medicaid, and the military and veterans health care programs A Health Care Clearinghouse This includes entities that process nonstandard health information they receive from another entity into a standard (i. e. , standard electronic format or data content), or vice versa.
YOU ARE NOT A COVERED ENTITY HIPAA applies to those covered entities we just reviewed (medical folks) You (lawyer) are not a covered entity under HIPAA
PRIVATE CITIZENS CAN FILE STATE CAUSES OF ACTION FOR BREACH OF FIDUCIARY DUTY (MO) NEGLIGENCE/NEGLIGENCE PER SE/BREACH OF FIDUCIARY DUTY (KS)
Missouri Breach of Fiduciary Duty Fiduciary Relationship Lawyers can be sued for breach of fiduciary duty Fiduciary is a trust relationship Does not have to involve money Actual pecuniary loss not required
KANSAS Negligence/Negligence K. S. A No Per Se 65 -5601 et seq. case law to help define violation Breach of Fiduciary Relationship
DUTIES OF LAWYERS WHEN DEALING WITH COVERED ENTITIES
When can health care provider release information to someone other then the patient? AUTHORIZATION QUALIFIED PROTECTIVE ORDER
AUTHORIZATION Must follow HIPAA procedures Written Limitation of Use What will happen to the records at the end of case Protect the covered entity
QUALIFIED PROTECTIVE ORDER Must have a hearing Notice and opportunity to object Only if good cause shown Limitation of use Limitation of release Destruction of the records at the conclusion of use
DANGER WILL ROBINSON!!! Subpoena Drug testing facilities Pro Se Litigants Procedures to Protect Covered Entity Protect the Attorney
PROCEDURES WILL SET YOU FREE Check the authorization Check the records you receive If you get records beyond the scope of the authorization, send them back with a letter If you see something you should not have, tell the patient and do not use it Even the most benign disclosure can be a potential breach
- Slides: 15