Long-term care providers can share resident info for safety reasons without breaching HIPAA
Healthcare providers do not violate the Health Insurance Portability and Accountability Act privacy regulations if they share patient information in the interest of public safety, according to a letter sent last week by Leon Rodriguez, the director of the Office for Civil Rights (OCR).
The letter, addressed to “Our Nation's Health Care Providers,” was sent the same week that the Department of Health and Human Services released a 563-page omnibus rule updating HIPAA, as per the American Recovery and Reinvestment Act of 2009. The OCR letter also relates to President Barack Obama's announcement on Wednesday of sweeping measures to combat gun violence. Obama called on healthcare professionals to go to the authorities if they believe their patients pose a safety threat. Several news accounts just last week alone reported cases of guns being brought to nursing homes by outsiders with violent intent of consequences.
“The HIPAA Privacy Rule protects the privacy of patients' health information but is balanced to ensure that appropriate uses and disclosures of the information still may be made when necessary to treat a patient, to protect the nation's public health, and for other critical purposes, such as when a provider seeks to warn or report that persons may be at risk of harm because of a patient,” wrote Rodriguez.
A care provider can share patient information based on his or her own interactions with the individual, or based on a “credible report” by someone such as a family member of the patient, the letter stated.