Davis Wright Tremaine LLP The Seventh National HIPAA Summit HIPAA Privacy: Privacy Rule Compliance on Public Health Activities and Research Thomas E. Jeffry,

Slides:



Advertisements
Similar presentations
HIPAA for Governments & Municipalities Rebecca L. Williams, RN, JD Partner, Co-Chair of HIT/HIPAA Practice Davis Wright Tremaine LLP Seattle, WA
Advertisements

Davis Wright Tremaine LLP HIT Legal Issues: HIPAA Implications to a Regional Health Information Organization Becky Williams, R.N., J.D. Partner, Co-Chair,
Responding to Subpoenas and Law Enforcement Demands for PHI: An Overview Janet A. Newberg Chair, Health Law Section Felhaber Larson Fenlon & Vogt, P.A.
 What is the Privacy Rule? The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) governs the use and disclosure of.
HIPAA Basics Brian Fleetham Dickinson Wright PLLC.
HIPAA and Public Health 2007 Epi Rapid Response Team Conference.
NATIONAL FORUM ON YOUTH VIOLENCE PREVENTION: HIPAA PRIVACY RULE CONSIDERATIONS November 1, 2011 Iliana L. Peters, JD, LLM HHS Office for Civil Rights.
Confidentiality and HIPAA
HIPAA – Privacy Rule and Research USCRF Research Educational Series March 19, 2003.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
North Carolina State University Health Information Privacy 4/16/03.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”
HIPAA THE PRIVACY RULE Reviewed December HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti-
Health Insurance Portability and Accountability Act (HIPAA)
Objectives  Review federal statutes (HIPAA, FERPA)  Discuss state guidelines  Review local procedures
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
Implementation of Privacy Board Reviews at PCMC Mary Thomason, Intermountain Healthcare Privacy Board Chair.
August 10, 2001 NESNIP PRIVACY WORKGROUP HIPAA’s Minimum Necessary Standard Presented by: Mildred L. Johnson, J.D.
Your HIPAA rules Ben Burton, JD, MBA, RHIA, CHP, CHC Notice of Privacy Practices.
Who Must Comply? When is a patient authorization NOT required?  As needed for the protection of federal and state elective constitutional officers and.
Informed Consent and HIPAA Tim Noe Coordinating Center.
HIPAA Health Insurance Portability & Accountability Act of 1996.
Health Insurance Portability and Accountability Act (HIPAA)
1 VUMC Confidentiality Policy and HIPAA Implications for Clinical Research General Clinical Research Center Skills Workshop March 2, 2007 Gaye Smith Privacy.
HIPAA The Privacy Rule Health Insurance Portability and Accountability Act of 1996 (HIPAA) The 104 th Congress passed the Act, Public Law ,
– Privacy in Perspective – Dealing with Hybrids & Other Unique Collaborations Thomas E. Jeffry, Jr., Esq. Partner, Davis Wright Tremaine LLP, Los Angeles,
1 Disclosures © HIPAA Pros 2002 All rights reserved.
Office of the Secretary Office for Civil Rights (OCR) Indian Health Service HIPAA Training Hosted by the Aberdeen Area Office July 24, 2012.
Computerized Networking of HIV Providers Workshop Data Security, Privacy and HIPAA: Focus on Privacy Joy L. Pritts, J.D. Assistant Research Professor Health.
Michael R. Costa, Esq., M.P.H. Greenberg Traurig, LLP One International Place, 3 rd Floor Boston, MA (fax)
HIPAAand Disaster Situations By LYNDA M. JOHNSON Friday, Eldredge & Clark.
H I P A A T R A I N I N G Self Directed Module 7 Research Disclosures For Data Custodians START Click to begin…
Practicing In Harmony with HIPAA The views and opinions expressed in the presentation are those of the presenter, and not necessarily official positions.
Medical Law and Ethics, Third Edition Bonnie F. Fremgen Copyright ©2009 by Pearson Education, Inc. Upper Saddle River, New Jersey All rights reserved.
Advanced Issues in Privacy: Drafting and Negotiating Business Associate Contracts Thomas E. Jeffry, Jr. Partner Davis Wright Tremaine LLP Los Angeles,
S. Lee Woods, M.D., Ph.D. Director, Office of Surveillance and Quality Initiatives Maternal and Child Health Bureau Prevention and Health Promotion Administration.
HIPAA THE PRIVACY RULE. 2 HISTORY In 2000, many patients that were newly diagnosed with depression received free samples of anti- depressant medications.
OHCAs, ACEs and Hybrid Entities Paul Smith Davis Wright Tremaine LLP One Embarcadero Center Suite 600 San Francisco, CA (415)
Health Insurance portability and Accountability Act (HIPAA)‏
HIPAA Privacy: Those Nagging Issues That Don’t Seem to Go Away Rebecca L. Williams, RN, JD Partner; Co-Chair of HIT/HIPAA Practice Group Davis Wright.
HIPAA and Human Subjects Research IRB Member CE May 2014 Slideshow by Sean Horkheimer.
A NATIONAL HIPAA SUMMIT AUDIOCONFERENCE Davis Wright Tremaine LLP Legal Requirements For Vendor And Clearinghouse HIPAA Compliance; Business Associate.
1 Demonstration of Health - IT Benefits: Access to PHI in India Presented by Mr. Amitava Chakraborty IPR, Space Law & Health-IT Consultant (India, US,
Human Subjects Update E. Wethington, Chair, UCHS.
HIPAA TRIVIA QUEST December Edition. I’ll ask the questions - and you’ll give the answers.
Health Insurance Portability and Accountability Act (HIPAA) © 2013 Project Lead The Way, Inc.Principles of Biomedical Science.
COMMUNITY-WIDE HEALTH INFORMATION EXCHANGE: HIPAA PRIVACY AND SECURITY ISSUES Ninth National HIPAA Summit September 14, 2004 Prepared by: Robert Belfort,
Disclaimer This presentation is intended only for use by Tulane University faculty, staff, and students. No copy or use of this presentation should occur.
Final HIPAA Privacy Rule: The Research Provisions Julie Kaneshiro DHHS Office for Human Research Protections Phone: Fax:
HIPAA Training Workshop #2 Trainer: Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Juvenile Legislative Update 2013 Confidential Records and Protected Disclosures.
HIPAA Training Workshop #3 Individual Rights Kaye L. Rankin Rankin Healthcare Consultants, Inc.
Health Insurance Portability and Accountability Act
HIPAA THE PRIVACY RULE Reviewed December 2012.
To start the presentation, click on this button in the lower right corner of your screen. The presentation will begin after the screen changes and you.
Health Insurance Portability and Accountability Act
The HIPAA Privacy Rule: Implications for Medical Research
HIPAA Administrative Simplification
Health Insurance Portability and Accountability Act
HIPAA Pros - Disclosures
Paul T. Smith, Esq. Partner, Davis Wright Tremaine LLP
2003 Immunization Registry Conference
National Congress on Health Care Compliance
Making Your IRBs and Clinical Investigators HIPAA-Ready
THE 13TH NATIONAL HIPAA SUMMIT HEALTH INFORMATION PRIVACY & SECURITY IN SHARED HEALTH RECORD SYSTEMS SEPTEMBER 26, 2006 Paul T. Smith, Esq. Partner,
New School Violence Law; HIPAA Privacy Training
Health Insurance Portability and Accountability Act
Health Insurance Portability and Accountability Act
Presentation transcript:

Davis Wright Tremaine LLP The Seventh National HIPAA Summit HIPAA Privacy: Privacy Rule Compliance on Public Health Activities and Research Thomas E. Jeffry, Jr. Davis Wright Tremaine LLP Los Angeles, California Thomas E. Jeffry, Jr. Davis Wright Tremaine LLP Los Angeles, California

Davis Wright Tremaine LLP Balancing Individual Privacy and Communal Interests A central premise of DHHS’ Privacy Rule, like most health information privacy protections, is how to balance individual privacy interests with communal needs for data, like public health and health research.

Davis Wright Tremaine LLP The Covered Entity is responsible for the protected health information it collects and maintains and is liable under HIPAA for unauthorized uses and disclosures.

Davis Wright Tremaine LLP Covered Entity Must: Identify what disclosures and uses are for treatment, payment and health care operations Identify what disclosures and uses are subject to exceptions set forth in 45 CFR To the extent required by law For specified public health activities to a public health authority or other appropriate government authority For specified health oversight activities For research purposes with a waiver from IRB or Privacy Board To avert a serious threat to health and safety Exercise professional judgment in the case of an emergency or disaster relief Account for most disclosures not authorized Identify what disclosures and uses are for treatment, payment and health care operations Identify what disclosures and uses are subject to exceptions set forth in 45 CFR To the extent required by law For specified public health activities to a public health authority or other appropriate government authority For specified health oversight activities For research purposes with a waiver from IRB or Privacy Board To avert a serious threat to health and safety Exercise professional judgment in the case of an emergency or disaster relief Account for most disclosures not authorized

Davis Wright Tremaine LLP What is the Impact of the Privacy Rule on Public Health? Internally – what are the ways that the rule affects the practice of public health or public health research done by public health agencies or its partners? Externally – how does the Rule impact the flow of indentifiable health data into or out of public health agencies? Internally – what are the ways that the rule affects the practice of public health or public health research done by public health agencies or its partners? Externally – how does the Rule impact the flow of indentifiable health data into or out of public health agencies?

Davis Wright Tremaine LLP Public Health Practice - Internally To the extent that public health authorities use or disclose identifiable health data for public health purposes, they are not “covered entities,” and are thus not required to adhere to the provisions of the Privacy Rule.

Davis Wright Tremaine LLP Public Health Practice - Externally How will the Privacy Rule affect the flow of health data to public health authorities?

Davis Wright Tremaine LLP The Public Health Exception The “public health” exception states that a covered entity may disclose protected health information without specific, individual authorization to a “public health authority that is authorized by law to collect and receive such information for the purpose of preventing and controlling disease, injury, or disability, including... reporting of disease... and the conduct of public health surveillance....”

Davis Wright Tremaine LLP Similar Public Health Exceptions Disclosures to maintain the quality, safety, or effectiveness of FDA products Disclosures to notify persons exposed to communicable diseases Disclosures about victims of abuse, neglect, or domestic violence Disclosures for health oversight activities Disclosures to prevent serious threats to persons or the public Disclosures to maintain the quality, safety, or effectiveness of FDA products Disclosures to notify persons exposed to communicable diseases Disclosures about victims of abuse, neglect, or domestic violence Disclosures for health oversight activities Disclosures to prevent serious threats to persons or the public

Davis Wright Tremaine LLP What is a ‘Public Health Authority’? A public health authority is an : agency or authority of the United States, a State, a territory, a political subdivision of a State or territory, or an Indian tribe, or a person or entity acting under a grant of authority from or contract with such public agency... that is responsible for public health matters as part of its official mandate. A public health authority is an : agency or authority of the United States, a State, a territory, a political subdivision of a State or territory, or an Indian tribe, or a person or entity acting under a grant of authority from or contract with such public agency... that is responsible for public health matters as part of its official mandate.

Davis Wright Tremaine LLP Dealing with State Reporting Laws The privacy regulations expressly do not pre-empt (or override) state law that “provides for the reporting of disease or injury... or for the conduct of public health surveillance [or] investigation....”

Davis Wright Tremaine LLP Different Perspectives in Approaching the “Grey Areas” Required by law vs. permitted or authorized by law Distinguishing clinical care from research Distinguishing surveillance from research Downstream uses and disclosures of previously disclosed PHI to a public entity How to deal with Community Health Record to identify and service patient needs When to rely on disaster relief, threat to public safety to disclose information Can a government authority or research organization be a business associate Required by law vs. permitted or authorized by law Distinguishing clinical care from research Distinguishing surveillance from research Downstream uses and disclosures of previously disclosed PHI to a public entity How to deal with Community Health Record to identify and service patient needs When to rely on disaster relief, threat to public safety to disclose information Can a government authority or research organization be a business associate

Davis Wright Tremaine LLP Special Research Concerns Researchers need training on HIPAA requirements, waivers, and authorizations Authorization in Informed Consents vs. separately signed authorizations Identifying all the uses of and groups who may receive research PHI Creating a limited data set for research purposes; researchers as business associates subject to date use agreements Collection and use of specimens Researchers need training on HIPAA requirements, waivers, and authorizations Authorization in Informed Consents vs. separately signed authorizations Identifying all the uses of and groups who may receive research PHI Creating a limited data set for research purposes; researchers as business associates subject to date use agreements Collection and use of specimens

Davis Wright Tremaine LLP When in doubt, obtain an authorization CE and public health officials discuss and agree upon ‘grey areas’ in advance Demonstrate parallel commitment toward privacy and security What to do about PH & Research?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.