SENSITIVE HEALTH INFO
February 10, 2016
By Jeff Clawson, M.D., and Doug Wolfberg
We had a discussion at our center regarding the topic of the Health Insurance Portability and Accountability Act (HIPAA).
The question that came up is: Is it a HIPAA violation if an EMD/dispatcher gives an update over the radio to the responding EMS unit that the patient is reported to have HIV/AIDS, if the caller reported this information to the calltaker?
We were reviewing the article on page 14, Industry Insider news section in the Nov/Dec issue of The Journal. After reading it, we continue to be unsure about this issue.
Brian Baldwin Assistant Operations Manager North Central CT EMS/CMED Hartford, Conn., USA
Wanting the best information possible on this delicate topic, I reached out to Doug Wolfberg, one of the top EMS legal experts in the world:
Hope all is going very well for you and the firm. I know this is probably an easy one for you, and we have a basic answer, but do you have any words of current wisdom and any documents/articles we could reference for this double-edged issue posed below: HIPAA and HIV/AIDS? As we understand it, HIPAA isn’t applicable per se at 911, but the broadcasting of a patient’s condition, where in that case’s patient could be identified by “Melvin Monitor” with his scanner, is very troublesome. You da man on this stuff!
Standing by the BatPhone … Doc
Doug brilliantly replied:
The short answer is no, there would be no HIPAA violation by a 911 center/PSAP communicating HIV/AIDS patient information to a responding agency via radio, because, generally speaking, PSAPs are not classified as “covered entities” under the HIPAA regulations.
The longer answer is—it’s a bad idea to give this information out over the radio, and it should not be done. My reasoning for this is that first, it could violate other federal laws other than HIPAA (the Americans with Disabilities Act [ADA] to name one) and state laws regarding privacy. It could bolster a claim of discrimination against the providers and/or the 911 center that the patient was treated differently on account of his or her condition. If the information turns out not to be accurate (such as may be the case when info is provided by a third-party caller), then there could be a suit for defamation due to the fact that the information is being publicized over the air. And, if the information is accurate, a claim for invasion of privacy could be raised under state law, especially if the plaintiff can establish that communicating the information wasn’t necessary to their patient care. Finally, infectious precautions are supposed to be “universal,” so singling out a patient for the use of precautions that are supposed to be used in all cases could raise legal issues as well.
If a PSAP wants to give this information out, it would be against my best advice, but if they do so, they should choose a more secure means than via radio. A cellphone or other form of encrypted or secured non-public communications would be preferable.
Doug Wolfberg Attorney, Founding Partner Page, Wolfberg & Wirth
Doug and Doc:
Your response is well received. We always believed and continue to believe that it is a good practice to protect and distribute information responsibly. This response educated us on and clarified the HIPAA element. The response also validated our beliefs on this matter.