DBR ON DATA

Security, Privacy and Information Governance

Tag: Health Care

CMS Proposed Rule, Rebranding of Medicare and Medicaid Electronic Health Records Incentives Program Shifts Focus to Interoperability and Patient Access

Share

The Centers for Medicare and Medicaid Services (CMS) recently released its Proposed Rule that, in major part, rebrands the previously known Medicare and Medicaid Electronic Health Records (EHR) Incentives Program into the Promoting Interoperability Program. The rebrand shifts the focus of the program to ensure that providers facilitate patient access to their own health data, and  limit the burden on health care providers when it comes to monitoring clinical care using health technology.

Continue reading

OCR’s Guidance on HIPAA-Permissible Information Sharing During Patient Opioid Crisis

Share

In response to President Trump’s call to action on opioids, acting Department of Health and Human Services (HHS) Secretary Eric D. Hargan declared the opioid crisis a national public health emergency on October 26, 2017.  The next day, HHS-Office for Civil Rights (OCR) released new guidance on when and how health care providers can share a patient’s health information with the patient’s family and close friends during certain crisis situations, such as opioid overdoses, without violating the Health Insurance Portability and Accountability Act (HIPAA) privacy regulations.

HIPAA prohibits health care providers from sharing protected health information about patients who have capacity to make their own health care decisions and object to information sharing, unless there is a serious and imminent threat of harm or safety.  However, health care professionals may disclose some health information without a patient’s permission under certain circumstances, including:

  • Sharing health information with family, close friends, or any other person identified by the patient, and involved in caring for the patient if the provider determines that doing so is in the incapacitated or unconscious patient’s best interests and the information is directly related to the family or friend’s involvement in the patient’s health care or payment for care. The provider may use professional judgment and experience with common practice to make reasonable inferences of the patient’s best interest.
  • Informing persons in a position to prevent or lessen a serious or imminent threat to the patient’s health or safety.

Continue reading

© 2018 Drinker Biddle & Reath LLP. All Rights Reserved. Lawyer Advertising.

Disclaimer/Privacy Policy