An article in one of my hometown newspapers yesterday illustrates the tension that can exist between the interests of law enforcement and patient privacy. Here’s the story. Following a domestic dispute, husband checks himself into the University of Utah Neuropsychiatric Institute. The police show up to serve an arrest warrant and the hospital refuses to disclose whether the man is a patient there citing Health Insurance Portability and Accountability Act (HIPAA) as the barrier. The police ask the hospital to inform them if the patient is discharged. Husband is later discharged and goes to live with his mother but the hospital doesn’t tell the cops. When they find out from some other source where husband is, the cops contact mom and tell her they need to serve an arrest warrant on husband. He checks back into the hospital before they can serve the arrest warrant. Back go the police to the hospital but again the facility refuses to disclose any patient information to them. The cops then get a search warrant and this finally triggers the hospital’s disclosure of information about the patient.

The police find it frustrating to have to jump through so many hoops but the hospital stands by its position that to comply with HIPAA that’s just the way it has to be. When dealing with substance abuse treatment the hospital requires not just an arrest warrant but a search warrant before it is on safe ground disclosing patient information.

I can’t say whether either side’s position was unjustified or improper without taking a harder look at the details of HIPAA as applied to this particular situation. But it’s an interesting little brouhaha.

Join The Conversation
Kadar 07/22/2019 07:08 AM
HIPAA compliance checklist has been divided into segments for each of the applicable rules. It should be pointed out that there is no hierarchy in HIPAA regulations, and even though privacy and security measures are referred to as “addressable”, this does not mean they are optional. Each of the criteria in our hipaa compliance checklist has to be adhered to if your organization is to achieve full HIPAA compliance.
Post A Reply
Post A Comment