Live Webinar | Medicare Payment and Reimbursement
Live Webinar | Innovation and Disruption
Live Webinar | Patient Financial Communications
Live Webinar | Operations and Other Technology
Legislative and Regulatory Update | Privacy and HIPAA

OCR Offers Guidance on Patient Behavioral Health Disclosure

Legislative and Regulatory Update | Privacy and HIPAA

OCR Offers Guidance on Patient Behavioral Health Disclosure

OCR has proposed deregulatory rulemaking to clarify when hospitals may share certain patient behavioral health information.

The HHS Office for Civil Rights (OCR) continually provides guidance to covered entities and to patients and their family members on important HIPAA-related topics, says Iliana Peters of the Polsinelli law firm in Washington, D.C. One such item is how healthcare providers can share information about mental and behavioral health issues. The guidance includes decision trees for providers and family members.

Also of note is that OCR is undertaking two deregulatory rulemaking efforts—a proposed rule titled “Changing Requirement to Obtain Acknowledgment of Receipt of the Notice of Privacy Practices,” and a proposed rule regarding “Presumption of Good Faith of HealthCare Providers.” 

The first proposed rule would ease the burden associated with attempting to obtain an acknowledgement from individuals when they receive a Notice of Privacy Practices. There has been a fair amount of confusion about whether the acknowledgment amounts to consent (it doesn’t) and whether it is a prerequisite to treatment (it isn’t).

The second proposed rule would make clear—absent evidence to the contrary—that the OCR would presume good faith when healthcare providers share information with incapacitated individuals’ family members. This presumption would be similar to those already in the Privacy Rule that permit HIPAA covered entities to disclose information to avert a serious threat to health or safety. The OCR has stated publicly that the presumption is implied by the Privacy Rule and is consistent with OCR’s current enforcement practices, but the proposed revision would clarify the point for healthcare providers and would help to ensure that they feel comfortable making such disclosures to family members.

See full article here: HIPAA Compliance Needs Improvement

J. Stuart Showalter, JD, MFS, is a contributing editor for HFMA, and is an HFMA member.

About the Author

Stuart Showalter

Sign up for a free guest account and get access to five free articles every month.


Related Articles | Privacy and HIPAA

Blog | Coronavirus

HHS policy update: Recent developments include an extension of the public health emergency and notable progress in reducing the Medicare appeals backlog

HHS Secretary Xavier Becerra signed a 90-day extension of the COVID-19 public health emergency, ensuring the PHE will last until at least mid-July.

Blog | Enterprise Risk Management

Fitch describes the heightened risk posed by cyberattacks on not-for-profit hospitals

Cyberattacks on NFP hospitals increased substantially during the COVID-19 pandemic and show no signs of abating, Fitch says.

Article | Value-Based Payment

Healthcare financial teams need accounting software that delivers clear, measurable results to navigate today’s challenges

One company uses its cloud-native financial accounting system to provide acute, ambulatory and post-acute organizations with data to solve their most complex challenges, focus on strategic initiatives, increase efficiency and drive growth.

Fact Sheet | Electronic Health Records

ONC 21st Century Cures Act Final Rule Summary

HFMA has summarized the ONC final rule implementing provisions of the 21st Century Cures Act.