Practicing In Harmony with HIPAA - PowerPoint PPT Presentation

About This Presentation
Title:

Practicing In Harmony with HIPAA

Description:

Practicing In Harmony with HIPAA The views and opinions expressed in the presentation are those of the presenter, ... Rural Health Clinic, ... – PowerPoint PPT presentation

Number of Views:113
Avg rating:3.0/5.0
Slides: 14
Provided by: ide103
Category:

less

Transcript and Presenter's Notes

Title: Practicing In Harmony with HIPAA


1
Practicing In Harmony with HIPAA
The views and opinions expressed in the
presentation are those of the presenter, and not
necessarily official positions of the United
States Department of Justice.
2
Purpose
  • Underscore the commitment of DOJ to facilitate
    covered entity compliance with HIPAA while
    pursuing its legitimate governmental functions
  • Discuss the different functions of DOJ with
    reference to HIPAA disclosures

3
The Multiple Hats of DOJ
  • Health Oversight
  • Law Enforcement
  • Representing Government Entities
  • VA Hospital, Rural Health Clinic, Government
    Employees
  • Prosecuting Criminal Violations of 42 USC 1320d-6
  • The activity will dictate the applicable HIPAA
    provision which permits disclosure
  • DOJ is NOT a covered entity

4
Which HIPAA Exception Permits Disclosure to DOJ?
  • Least restrictive exception applies
  • Health Oversight (45 CFR 164.512(d))
  • (Essentially preserved the pre-HIPAA landscape on
    disclosures)
  • Law enforcement (45 CFR 164.152(f)
  • Representing a government agency (45 CFR
    164.508)

5
Informing the Covered Entity
  • Informing the covered entity which provision of
    HIPAA permits the requested disclosure
  • May be written, may be oral

6
Permitted Disclosures to Law Enforcement
  • Pursuant to Process and Required by law
    164.512(f)(1)
  • Court Orders, Warrants, Judicial Subpoenas
  • Grand Jury Subpoenas
  • Administrative Request/Demand/Subpoena, provided
    that
  • Relevant and material to legitimate L.E. inquiry
  • Specific limited in scope to extent reasonably
    practicable in light of the purpose
  • De-identified information could not reasonably be
    used
  • Covered entity can rely on representations on the
    face of the administrative subpoena
    (164.514(h)(2)(A))

7
Permitted Disclosures to Law Enforcement
  • Other Provisions of 164.512 (f)
  • 8 items for Identification and Location of
    suspects, material witness, missing person
  • Victims of crime, but unless required by law or
    process, certain limitations for victims of
    abuse, neglect or domestic violence
  • Decedents, if under suspicious circumstances
  • Crime on premises
  • Reporting crime in an emergency

8
One Health Oversight Note
  • Health oversight has been discussed by Anne
    MacArthur of the OIG
  • Special Note About Administrative Subpoenas used
    in furtherance of health oversight activity
  • When a health oversight activity, 164.512(d)
    governs the limitations in 164.512(f)(a) are
    irrelevant (including restrictions on L.E.
    administrative subpoenas) only apply to law
    enforcement activity

9
Some Other Special Circumstances
  • Avert serious threat to health or safety
    164.512(j)
  • Specialized government functions -164.512(k)
  • National Security and Intelligence
  • Protective Services for President and others
  • Correctional institutions and other law
    enforcement custodial situations

10
Suspension of Audit Trail Disclosure
  • A covered entity must suspend an individuals
    right to an account when an oral or written
    request is made by a health oversight or law
    enforcement official for the length of time
    requested by the official. 45 CFR 164.528
    (a)(2)
  • Oral request (good for up to 30 days) followed by
    written request
  • Document the request.
  • Reasonably likely to impede the agencys
    activities

11
Preemption of State Privacy Law
  • A HIPAA standard, requirement or implementation
    specification, preempts a state law concerning
    the privacy of protected health information,
    unless the state law
  • Is contrary to HIPAA, and
  • Relates to the privacy of Individually
    Identifiable Health Information, and
  • Is more stringent than a provision of the HIPAA
    medical privacy rules
  • U.S. Constitution supremacy clause

12
Criminal Violations of HIPAA Privacy Rules
  • HIPAA create a criminal violation for improper
    disclosure or receipt of protected health
    information 42 U.S.C. 1320d-6
  • DOJ investigates and prosecutes criminal
    violations of this statute primarily
    investigated by FBI
  • 3-levels of escalating penalties keyed to
    egregiousness of the offense conduct
  • Direct complaints, or referrals from HHS-OCR

13
Conclusion
  • We are committed to facilitating the disclosure
    of protected health information for health
    oversight and law enforcement purposes in
    compliance with HIPAA
  • We will firmly resist efforts by covered entities
    to constrict the exceptions which HIPAA permits
  • We will investigate complaints of criminal HIPAA
    violations and prosecute where appropriate.
  • Ian DeWaal, Senior Counsel
  • Department of Justice,
  • Criminal Division, Fraud Section
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "Practicing In Harmony with HIPAA" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!