Google partners
Capline Healthcare Management
Menu
Schedule a call

Healthcare Privacy Rule Bolsters Protections for Reproductive Health Information

A novel regulation has been issued by the Department of Health and Human Services (HHS) under the Healthcare Privacy Rule. It goes by the name “Healthcare Privacy Rule to Support Reproductive Health Care Privacy,” intending to bolster privacy protections significantly for patient’s reproductive health information (RHI).

The application of this rule can come across as a surprise for many healthcare providers. RHI is not only defined in a broad sense but it also includes many minute details, from contraception and menopause treatment to over-the-counter medications that affect the reproductive system. This would mean that hospitals, clinics, pharmacies, and other HIPAA-covered entities will have to make changes within their systems to ensure compliance.

The law precludes the revelation of RHI for individuals involved in seeking, providing, or assisting legal reproductive healthcare. This rule applies to situations like:

  • Reproductive healthcare is legal in the state it’s provided
  • Care mandated by federal law, like emergency care
  • Care provided by someone other than the recipient of the information request (unless they know it’s unlawful)

Nevertheless, patients retain the authority to approve their RHI disclosure even though it is typically restricted by the Healthcare privacy rule. OCR recognizes this act could make providers vulnerable to liabilities if such approval is misused for illicit intent.

A new rule is being introduced, which requires certain non-healthcare-related disclosures to be done under the Healthcare privacy rule. In response to any requests from law enforcement, courts, or other entities, providers are required to get an attestation from the requester. The purpose of this attestation is to confirm that the request is not meant for any prohibited purpose specifically related to reproductive healthcare.

Healthcare providers should act proactively to comply with this new aspect of the Healthcare privacy rule. Here are a few recommendations:

  • Locate the place in patient records, along with billing and administrative data where RHI is contained.
  • Amend HIPAA business associate contracts to assure adherence by any third-party suppliers who have possession of patient information.
  • Examine and revise internal policies and procedures concerning the Healthcare Privacy Rule — encompassing definitions, allowable disclosures, as well as management of subpoenas; establish a system for acquiring attestations when needed.
  • Train the in-house staff responsible for responding to information inquiries about the new rules of RHI and the self-attestation process according to the Healthcare privacy rule.
  • Ensure that your information-blocking policies are up-to-date to consider any potential delays in disclosing EHI that contains RHI.
  • Finally, be prepared for more clarification on this topic from the OCR.

By following these steps, you can protect your patients’ privacy regarding RHI and be compliant with the Healthcare privacy rule.

Source:

https://www.jdsupra.com/legalnews/reproductive-healthcare-privacy-rule-5003087/

 


Powered by


No, thank you. I do not want.
100% secure your website.