Careers

Experiences

Industries

Offices

Our Firm

Pages

Our People

Updates

Practices

Warner Norcross + Judd LLP is a corporate law firm with over 230 attorneys serving clients in nine offices throughout Michigan. Among the largest law firms in Michigan, Warner works in virtually all areas of business law.

Michigan Law Firm - Warner Norcross + Judd LLP

This month, the Office for Civil Right of the US Department of Health and Human Services released a <a href="http://www.hhs.gov/ocr/privacy/hipaa/understanding/special/emergency/hipaa-privacy-emergency-situations.pdf" target="_blank" rel="noreferrer noopener">bulletin</a> clarifying how the <a href="http://www.hhs.gov/ocr/privacy/hipaa/administrative/privacyrule/" target="_blank" rel="noreferrer noopener">Privacy Rule</a> of the Health Insurance Portability and Accountability Act of 1996 applies "in light of the Ebola outbreak and other events." The bottom line is that " the protections of the Privacy Rule are not set aside during an emergency."

contentpilot/introduction

There are some circumstances under which covered entities (<em>i.e</em>., the&nbsp;health care agencies to which HIPAA applies) may disclose protected patient information without the patient's permission. This includes information&nbsp;"necessary to treat the patient or to treat a different patient." As used in this setting, "treatment" includes the coordination or management of health care and related services by one &nbsp;or more health care providers and others, consultation between providers, and the referral of patients for treatment.

core/paragraph

Covered entities may also share patient information with public health authorities such as the CDC. They may also disclose to certain persons at risk of contracting the disease and family members, but only under limited circumstances as determined by other law, extenuating circumstances, or the patient's consent.

The type of disclosures least likely to pass HIPAA muster are disclosures to the news media and others not involved in the patient's care. " In general,&nbsp;except in the limited circumstances," says the HHS bulletin, "affirmative reporting to the &nbsp;media or the public at large about an identifiable patient, or the disclosure to the public or media of specific information about treatment of an identifiable patient, such as specific tests, test results or details of a patient’s illness, may not be done without the patient’s written authorization (or the written authorization of a personal representative who is a person legally authorized to make health care decisions for the patient)."

This means that covered health care entities should be especially vigilant to remind their employees, volunteers, and business associates (all of whom are covered by the Privacy Rule) about the applicable&nbsp;social media policies during times of intense public attention on ebola and other public health crises. &nbsp;Experience has shown that health care workers are just as prone as others to leak confidential information online when they think others would be interested in knowing. Even oblique references to a patient being treated for ebola or another notorious disease&nbsp;could be enough to land the person's employee in trouble under the Privacy Rule.

Augmented Legality

Emerging Media and Technologies

Partner

Brian D. Wassom

Information Technology Transactions

#Ebola vs. #HIPAA – Privacy During an Epidemic

Warner Norcross + Judd LLP is responsible for the contents of our advertising and this website. Please read our full <a href="/privacy-policy/" aria-label="see privacy policy">privacy policy</a> available on our website. If you have any questions or comments about our website or our Privacy Policy please contact us at <a href="mailto:info@wnj.com">info@wnj.com</a> or 616.752.2000. 

#Ebola vs. #HIPAA – Privacy During an Epidemic

professionals