View
2
Download
0
Category
Preview:
Citation preview
Welcome
Dr.J.Sco-NelsonEd.DNCCLCPCCRADCSAPAssistantProfessor
LicensedClinicalProfessionalCounselor
Con$identiality:Overview,HIPAAtips,andpracticaltechnologytools
Presenter:Dr.J.ScottNelsonEdD.,LCPCCRADCSAPACSAssistantProfessor/LicensedClinicalProfessionalCounselorIllinoisFireFighterPeerSupport(ILFFPS)ClinicalConsultant
jsnelson@argosy.edu
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Course Objectives
A=ercomple?ngthiscourse,par?cipantsshouldbeableto:
• Understandtheconceptofconfiden0ality• Dis0nguishthedifferencebetweenconfiden0alityandprivilegedcommunica0onandprivatecommunica0on
• Iden0fyaprac0caldecisionmakingmodelforprotec0ngclientconfiden0ality
• Definethepersonalriskfactorsthatmightcontributeuninten0onalbreachofconfiden0ality
Copyright ©2012, Netsmart Technologies, Inc. All Rights Reserved.
Confidentiality AndRelatedTermsDefined
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Confidentiality:
“Mentalhealth[andmedical]professionalshaveanethicalresponsibility,aswellasalegalandprofessionalduty,tosafeguardclientsfromunauthorizeddisclosureofinforma0on…”
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Confidentiality:
• Atthecoreofeffec0veclinicalwork• Rootedinclient’srighttoprivacy• Professional’sethicalandlegaldutytoprotectprivateclientcommunica0on
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Privileged Communication:
• Legalconceptthatvariesfromstatetostate• Generallyprohibitsdisclosureofconfiden0alcommunica0oninlegalproceeding
• Excep0ons:• GroupCounseling• CouplesandFamilyCounseling• ChildandAdolescentCounseling
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Privacy:
“Thecons0tu0onalrightofindividualstobeleRaloneandtocontroltheirpersonalinforma0on”
Wheeler & Bertram (2012)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
When Using Case Studies
• Obtainclientpermission• Disguisecasematerial• Developacompositefrommorethanoneclientmaterial
Sperry and Pies (2010)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Permissive Limits of Confidentiality:
• Clericalhandlingofconfiden0alinforma0on• ProfessionalConsulta0on• ClinicalSupervision• WithClientWriVenConsent
“DoNoHarm”
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Legal Exceptions
• CredibleClientThreattoSelforOthers• ClientDisclosesIntenttoCommitaCrime• SuspectedChildorVulnerableAdultAbuse/Neglect
• CourtOrder• ClientFilesComplaint• CivilCommitment
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Fisher’s 6 Step Guideline
1. Prepara0on-knowthelimits2. Tellclientsthetruth“upfront”3. Obtaintrueinformedconsentbefore
disclosing4. Respondethicallytolegalrequests5. Stayawayfrom“avoidable”breaches6. Talkaboutconfiden0ality
Fisher (2008)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPPA (1996)
• HealthInsurancePortabilityandAccountabilityActof1996(HIPAA)
• ProtectConfiden0alityandSecurity• SetsLimitsandCondi0ons• GivesClients/Pa0entsRights
• ExamineHealthInforma0on• RequestCorrec0ons
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPPA Privacy Rule (2003)
• Rule protects all “individually identifiable health information”
• Relating to: • past, present, or future physical or mental
health or condition • provision of health care • past, present, or future payment
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPPA (2003) Permitted Disclosures
1. to the individual client/patient 2. for treatment, payment, and operations 3. with opportunity to agree or object 4. for notification and other purposes 5. for public health and benefit activities
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HITECH Act (2009)
• Transmit individually identifiable health information in electronic format
• Providers • Health Plans • Clearing Houses • Business Associates
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPAA Business Associates
BusinessAssociates=thosewhoserela0onshiptotheclinicalprac0ceisspecificallyintendedtoincludethehandlingofprotectedhealthinforma0on Office cleaning crew??
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPAA Business Associates
People who handle personally-identifying client information for us, e.g. § Billing services § Backup data services § E-mail provider § Cloud services
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPAA Business Associates
We must “obtain satisfactory assurances that the business associate will appropriately safeguard [personally-identifying client information.]” “Satisfactory assurance” required by the law =Business Associate Agreement (BAA)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Electronic Communication
• Difficulttopreventmonitoringorrecordingoftheconversa0on
• Avoidmakinganycommentsyouwouldnotwantedrepeatedinlegalproceedings
• Beprofessionalandcau0ouswhentalkingaboutanyconfiden0alinforma0on
• Avoidsayinganythingofftherecord• Donotallowunauthorizedpersonstohearorreadcommunica0ons
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Telecommunication
• Verifywhoyouarecommunica0ngwith• Donotacknowledgeclientisreceivingservicestounauthorizedpeople
• Whentalkingonphone-assumethecallerisnotinaprivateplace
• Realizeyourcommunica0onmaybeinterceptedbyunauthorizedperson(s)
• Whenleavingvoicemailorsendingtextoremail-beawaresomeoneelsemightretrievethecommunica0on
Corey et al. (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Affordable Care Act (2010)
• Riskanalysistodeterminethevulnerabilityofelectronicprotecteddata
• Encryptpa0entPHI• Reviewpoliciesandprocedures• Reviewcontractswithvendorsandother“businessassociates
Bender, et al. (2013)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Affordable Care Act (2010)
• allowpa0entstoforbiddisclosureofinforma0onpaidoutofpocked
• permitpa0entstorequesttheirhealthinforma0oninelectronicform
• requireprac0cestoupdatetheirno0ceofprivacyprac0ces
Bender, et al. (2013)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPPA Mental Health- Higher Standard
• Excep0ontopa0entrighttoreviewrecords• Psychotherapynotes• Keptseparatefrommedicalrecord
Vose (2013)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Substance Use: 42 CFR Part 2
• SubstanceUseField• GovernedbyFederalLaw(42U.S.C.§290dd-2)• AndRegula0ons(42CFRPart2)• SubstanceUseS0gma• Whatcanandcan’tbedisclosed• Withandwithoutclientconsent• WhoandWhat?
Awad (2013)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2 Application
• InvolvesSubstanceUse• Educa0on,• Treatment,or• Preven0on
• Thatis• RegulatedbytheFederalGovernment• AssistedbytheFederalGovernment
Awad (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2 Exceptions
• PossibleExcep0ons(NoFederalAssistance):• ForProfitPrograms• PrivatePrac00oners
• Unless,• StateLicensureBoardRequires• Cer0fica0onAgencyRequires• DEARegistra0on(detoxormaintenance)
Awad (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2
Theregula0onsrestrictthedisclosureanduseofalcoholanddrugpa0entrecordswhicharemaintainedinconnec0onwiththeperformanceofanyfederallyassistedalcoholanddrugabuseprogram(42CFR§2.3(a)).Appliestoanyinforma0onthat“wouldiden0fyapa0entasanalcoholordrugabuser…”(42CFR§2.12(a)(1)).
Awad (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2
Protectedinforma0onisisanydatadisclosedbyacoveredprogramthatiden0fies:• anindividualdirectlyorindirectlyashavingacurrentorpastdrugoralcoholproblem,or
• asapar0cipantinacoveredprogram.
Awad (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2 Requires
• Pa0entConsentforDisclosuresIncluding:• Treatment• Payment• HealthCareOpera0ons
• ConsentMUSTbeinwri0ng
Awad (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2: Written Consent
• ConsentRequires10Elements:1. Namesoftheprogramsmakingthe
disclosure2. Nameoftheindividualororganiza0on
receivingthedisclosure3. Nameofthepa0ent4. Specificpurpose5. Howmuchandwhatkindofinforma0on
NCSC (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2: Written Consent
• ConsentRequires10Elements:6. Pa0ent’srighttorevoke7. Condi0ontreatment,payment,enrollment,
oreligibilityofbenefits8. Date,event,orcondi0onuponwhichthe
consentexpires9. Signatureofthepa0ent10. Dateconsentisassigned
NCSC (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
42 CFR Part 2: Mandated and Permitted
• MandatoryDisclosures:• ChildAbuseorNeglect• CauseofDeath• ValidCourtOrder
• PermiVedDisclosures:• MedicalEmergencies• CrimeonPremisesorAgainstStaff• Administra0veControl• QualifiedServiceOrganiza0ons(QSO)• OutsideAuditorsorResearchers
NCSC (2015)
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
EmailislikeapostcardpassingthroughthewildhinterlandsoftheopenInternet.Variousnefariouselementsmaybeabletoseeitscontentsasitgoesby….
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
• Caniden0fypeopleveryeasily• 1of18iden0fiersthatHIPAAdefinesaswithout-a-doubtpersonallyiden0fying.
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
HIPAArequiresthatouremailservicesexecuteaBusinessAssociateAgreementwithus.Justlikeyouwouldrequirearecep0onpersoninyourofficetosignconfiden0alityagreements,HIPAArequiresyoutosignaBAAwithyouremailservice.
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
• Non-secureemailprovidersthatwillexecuteaBAAwithcustomers:
• GoogleAppsforWork(notfreeGmail!)• MicrosoR365
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Somesecuremessaging(“encryptedemail”)thatworkwell:• Hushmail• ProtectedTrust• Paubox
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Secure Skype
VSee
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Secure Dropbox
ViiVo
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
Conclusion
• Clinicianshavemanyresponsibili0es• Ethicaldilemmaswhenresponsibili0esconflict• Knowyourprofessionalethicalcodes• Seekconsulta0onandsupervision• Staywithinscopeofprac0ce• DoNoHarm• BeHIPPAcompliant
Corey et al. (2015)
ThanksforJoiningUs
Dr.J.Sco-NelsonEd.DNCCLCPCCRADCSAPAssistantProfessor
LicensedClinicalProfessionalCounselor
ThanksforJoiningUsToday.
Presenter:Dr.J.ScottNelsonEdD.,LCPCCRADCSAPACSAssistantProfessor/LicensedClinicalProfessionalCounselorIllinoisFireFighterPeerSupport(ILFFPS)ClinicalConsultant
Copyright ©2013, Netsmart Technologies, Inc. All Rights Reserved.
References
Awad,S.(2015).AmericanSocietyofAddic0onMedicine.ConfusedbyConfiden-ality?APrimeron42CFRPart2.Downloadedfrom:hVp://www.asam.org/magazine/read/ar0cle/2013/08/15/confused-by-confiden0ality-a-primer-on-42-cfr-part-2
Bender,J.,Verdon,D.R.,Zimlich,R.(2013).MedicalEconomics.AquickguidetoHIPAAcomplianceforphysicians.Downloadedat:hVp://medicaleconomics.modernmedicine.com/medical-economics/content/tags/hipaa/quick-guide-hipaa-compliance-physicians?page=full
Corey,G.,Schneider-Corey,M.,Corey,C.,&Callanan,P.(2014).Issuesandethicsinthehelpingprofessions,(9thed.).Stamford,CT:CengageLearning.
Fisher,M.A.(2009).Protec0ngconfiden0alityrights;Theneedforanethicalprac0cemodel.AmericanPsychologist,63(1),1-13.
Na0onalCenterforStateCourts(2015).SubstanceAbuseandConfiden-ality:42CFRPart2.Downloadedfrom:hVp://www.ncsc.org/sitecore/content/microsites/future-trends-2012/home/Privacy-and-Technology/Substance-Abuse.aspx
Sperry,L.,&Pies,R.(2010).Wri0ngaboutclients:Ethicalconsidera0onsandop0ons.Counseling&Values,54,88-102.
Vose,R.(2013).PhysiciansPrac0ce.HIPAAandMentalHealthRecords:AHigherStandard.Downloadedat:hVp://www.physiciansprac0ce.com/blog/hipaa-and-mental-health-records-higher-standard
Wheeler,N.&Bertram,B.(2012).Thecounselorandthelaw:Aguidetolegalandethicalprac-ce(6thed.).Alexandria,VA:AmericanCounselingAssocia0on.
Recommended