What are our liabilities if one of our employees or business associates discloses PHI in a whistleblowing capacity?
HIPAA Weekly Advisor, August 22, 2005
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
HIPAA provides protection to a covered entity for the good faith whistleblower action of a member of its workforce or a business associate. A covered entity is not in violation of the HIPAA requirements when a member of its workforce or a business associate of the covered entity discloses PHI to
- a health oversight agency or public health authority authorized by law to investigate or otherwise oversee the relevant conduct or conditions of the covered entity for the purpose of reporting the allegation of failure to meet professional standards or misconduct by the covered entity
- an appropriate healthcare accreditation organization for the purpose of reporting the allegation of failure to meet professional standards or misconduct by the covered entity
- an attorney, for the purpose of determining his or her legal options with respect to whistleblowing
For the covered entity to be protected from misuse of PHI, the whistleblower must
- believe in good faith that the covered entity has engaged in conduct that is unlawful or otherwise violates professional or clinical standards, or that the care, services, or conditions provided by the covered entity potentially endangers one or more patients, workers, or the public
- disclose the information to a health oversight agency or public health authority, to a healthcare accreditation organization, or to an attorney retained by the employee or business associate for determining the legal options available
Go to the Section 164.502(j) Disclosures by Whistleblowers and Workforce Member Crime Victims of the Bricker & Eckler Web site for more information.
Editor's note: Attorneys from Bricker & Eckler, LLP, answered this question. This is not legal advice. Consult with your attorney for legal matters.
Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- HIPAA Q&A: Level of encryption needed for email
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- ED-to-inpatient transfers are flawed with safety gaps
- Joint Commission Center announces handoff communication solutions
- Inside best practice: Reduce patient falls with a stoplight
- Identify modifiable risk factors to prevent patient falls
- Searched