Health Information Compliance Alert

You Be The Security Expert:

Should We Ask Patient Before Disclosing 'Reportable Disease'?

Published on Tue Aug 28, 2007

PDF

Read the question below and decide how you would handle it before you compare it to our expert's advice.

Question: A patient comes in with a disease that represents a public health threat, i.e. a "reportable disease." Is a health care provider or other covered entity required to obtain permission from the patient before notifying public health officials about the case?

Answer: No. The HIPAA Privacy Rule permits disclosures that are required by other law, and all states have regulations requiring covered entities to report occurrences of certain health care threats/diseases to public health authorities, according to the Department of Health and Human Services (HHS).

The Privacy Rule also allows covered entities to disclose health information to public health authorities that are authorized by law to collect information for "public health purposes." This access is crucial to public health authorities' ability to protect the public, says HHS. The kinds of information that covered entities may disclose to such authorities include:

Occurrences of disease or injury
Deaths and births
Health concerns related to food, vitamins and/or other dietary supplements, drugs, biological products, and medical devices or products

In addition to having the right to gather such information, public health authorities are allowed to take certain actions to monitor and/or fight a public health threat.

For example: Public health authorities may need to contact patients who were diagnosed with a dangerous communicable disease to find out where they contracted it so as to prevent further outbreaks.

Health Information Compliance Alert

SECURITY COMPLIANCE:
Don't Deep-Six Your Security Ship
Expert tips for smooth security incident sailing. Need help understanding what a security incident is [...]

National Provider Identifier Update:
Keep Your Legacy Numbers To Avoid Pay Glitches
Don't remove all of your legacy numbers from the National Provider Identifier (NPI) database. If [...]

Technology Update:
CMS Gives Green Light To Personal Health Records Pilot Program
Check out what Medicare is doing to help beneficiaries. The Centers for Medicare & Medicaid [...]

Security:
'Scrub-A-Dub-Dub': Sanitize Your PHI
Take the sledgehammer approach if need be, experts advise. Covered entities, be forewarned: If state [...]

You Be The Security Expert:
Should We Ask Patient Before Disclosing 'Reportable Disease'?
Read the question below and decide how you would handle it before you compare it [...]

Training:
Use Real-Life Examples For Most Effective HIPAA Training
One size does fit all where HIPAA privacy training is concerned. If you're planning to [...]

Reader Question:
Power of Attorney Remains Intact
Question: How does the Privacy Rule affect how hospitals should treat power of attorney? Does [...]

Reader Question:
PHI Access For Mentally Retarded
Question: I work in a small, state-funded clinic that sees many patients (adult) with mental [...]

Reader Question:
Minors Retain HIPAA Rights
Question: What happens to a minor's health information Ð in terms of access Ð when [...]

Industry News:
Post-Acute Assessment Reform Demo Looking For You
Get a sneak peak at a tool that could reshape your patient evaluations. A demonstration [...]

In other news...
You'd better make sure your HIPAA policies and procedures are up to snuff. The feds [...]

View All