Birmingham Medical News : HIPAA Privacy During Emergency Situations

Articles / Publications

A patient arrives at your facility with Ebola-like symptoms. After taking the necessary precautions, you run the requisite tests, conduct a patient interview, and determine that in fact the patient has contracted the Ebola virus. You also learn that the symptoms have been present for a couple of days, but like many people, the patient delayed seeking treatment until the symptoms got worse. After questioning the patient, you discover that since returning from West Africa one week earlier, the patient has returned to work, visited with family, attended church, and been shopping at the local mall, all while exhibiting symptoms. Thus, hundreds of people living in the community have potentially been exposed. What do you do? What information can you release to the public? Do you need the patient's consent to warn the public about the potential exposure?

The U.S. Department of Health and Human Services, Office for Civil Rights ("OCR"), the entity responsible for overseeing compliance with the Health Insurance Portability and Accountability Act of 1996 ("HIPAA"), recently issued guidance on how to address HIPAA privacy in emergency situations, such as the one described above. Importantly, while there are a number of ways in which protected health information can be shared in an emergency situation, you should keep in mind that the protections of HIPAA are not set aside during an emergency. Thus, while it is important to alert the public to the potential exposure, it must be done in a manner that is compliant with HIPAA. HIPAA, however, does provide several mechanisms through which information may be released:

To download the full article, please click here.

Burr
Jump to Page

Contact Us

About Burr & Forman Cybersecurity & Data Privacy Law

Burr & Forman's experienced team helps clients navigate the complex cybersecurity and data privacy landscape with strategies designed to assess current risks, develop a corrective action plan, implement best practices, and provide immediate and appropriate responses to a cybersecurity breach.

We use cookies to improve your website experience, provide additional security, and remember you when you return to the website. This website does not respond to "Do Not Track" signals. By clicking "Accept," you agree to our use of cookies. To learn more about how we use cookies, please see our Privacy Policy.

Necessary Cookies

Necessary cookies enable core functionality such as security, network management, and accessibility. These cookies may only be disabled by changing your browser settings, but this may affect how the website functions.


Analytical Cookies

Analytical cookies help us improve our website by collecting and reporting information on its usage. We access and process information from these cookies at an aggregate level.