While laws increasingly address the concern of child abuse, privacy laws impose greater limitations on disclosing patient information.
by Keith Henaman in Board & Regulatory on Monday, January 12, 2015
In recent years, federal and state laws have increasingly been enacted to address the expanding concern of child abuse. At the same time privacy laws have imposed ever broader and greater limitations on disclosing patient information.
Because these two public policy goals are often at odds with each other, it is now more important than ever that you understand your reporting duties when you suspect child abuse.
HIPAA requires that healthcare practitioners keep all clinical information, including psychological information, about a patient confidential. However, these laws have exceptions. HIPAA, while perhaps this nation’s most comprehensive effort to ensure confidentiality of protected health information (PHI), excuses providers from its confidentiality requirements when the provider is otherwise “required by law” to make a report. In addition, HIPAA expressly states that a healthcare provider may disclose PHI in order to comply with any state law requiring the reporting of child abuse.
Healthcare practitioners, police officers, educators, human service workers and others are required to report suspected child abuse or neglect and in most states this reporting requirement is mandatory even if: the event occurred long in the past; the alleged victim is an adult when the incident comes to light; or the suspected abuser is believed to be deceased.