1 / 47

Access to Mental Health Records and Related Issues

Access to Mental Health Records and Related Issues. Social Services Attorneys’ Conference March 10, 2006 Mark Botts School of Government, UNC. Topics. Applicable laws DSS as legal representative of patient Patient authorization to disclose Court orders Required-by-law disclosures

gudrun
Télécharger la présentation

Access to Mental Health Records and Related Issues

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Access to Mental Health Records and Related Issues Social Services Attorneys’ Conference March 10, 2006 Mark Botts School of Government, UNC

  2. Topics • Applicable laws • DSS as legal representative of patient • Patient authorization to disclose • Court orders • Required-by-law disclosures • Child protective services statutes • Adult protective services statutes • Child fatality prevention system

  3. Applicable Confidentiality Laws • State law governing MH/DD/SA providers—GS 122C • Federal law governing health care providers—45 CFR (HIPAA Privacy Rule) • Federal law governing substance abuse programs—42 CFR Part 2

  4. Each confidentiality law: • Defines the providers that it governs • Defines the information that it governs • Permits providers to disclose information in certain situations • Requires providers to disclose information in certain situations

  5. GS 122C and HIPAA • Agencies covered include • area authorities and county programs (LMEs) • agencies that contract to serve area authority or county program clients • Information covered includes all client information

  6. 42 CFR Part 2—Covered Programs • Programs covered include any facility that specializes in substance abuse diagnosis, treatment, or referral for treatment • Includes all area authorities and county programs • Includes some agencies that contract to serve area authority or county program clients

  7. 42 CFR Part 2—Covered Information • Applies to information • that would identify a “patient”—one who has applied for or received SA services—as a substance abuser and • is substance abuse information obtained by a covered program • for the purpose of treating substance abuse, making a diagnosis for that treatment, or making a referral for that treatment

  8. Case Studies • A substance abuse professional employed by an area authority wants to make an adult protective services report about her client. Can she? • A child protective services worker investigating a report of child abuse requests access to a child mental health record that contains information in the family history section about the mother’s abuse of crack cocaine. Can the record be disclosed?

  9. DSS as Legal Representative of Patient

  10. Authority of Legally Responsible Person • “Except as otherwise provided by law, whenever in this Chapter the phrase “client or his legally responsible person” is used, and the client is a minor or an incompetent adult, the duty or right involved shall be exercised not by the client, but by the legally responsible person.” GS 122C-4.

  11. Consent to Treatment • Except in the case of emergency or involuntary commitment, the client or the client’s legally responsible person has the right to consent to or refuse any treatment offered by an MH/DD/SA facility. GS 122C-57(d). • The client or the client’s legally responsible person shall be informed of the potential risks and alleged benefits of the treatment choices. GS 122C-57(a).

  12. Access to Records • Upon request the legally responsible person shall have access to confidential information in the client’s record . . . GS 122C-53(d) • Does not apply to records of treatment provided pursuant to the minor’s consent to treatment. See GS 90-21.5 and -21.4. • Does not apply if facility believes disclosure would be injurious to the client’s physical or mental well-being.

  13. Legally Responsible Person for Adults • When applied to an adult who has been adjudicated incompetent, means a guardian appointed by the court • When applied to an adult who is incapable of making treatment decisions—as defined in GS 122C-72(4)—and who has not been adjudicated incompetent, means a health care agent named pursuant to a valid health care power of attorney (GS 122C-3(20))

  14. Legally Responsible Person for Minors • When applied to a minor, means a: • Parent • Guardian • Person standing in loco parentis, or • Legal custodian other than a parent who has been granted specific authority • by law • or in a custody order to consent to medical care, including psychiatric treatment (GS 122C-3(20))

  15. Legal Custodian Authorized by Law to Consent to Tx • DSS may consent to any psychiatric, psychological, or other evaluations or treatment if: • The court has placed the child in the custody of DSS pursuant to a dispositional order—7B-903, -2503, or -2506 • DSS has made reasonable efforts to obtain consent from the parent or guardian of the child; and • The parent is unknown, unavailable, or unable to act on the child’s behalf

  16. Legal Custodian Authorized by Custody Order • If, in a custody order, the judge specifically authorizes the legal custodian to consent to medical and psychiatric treatment, then the legal custodian (e.g. DSS) is a “legally responsible person” authorized to act on behalf of the minor for purposes of consent to treatment and access to records

  17. Patient Authorization to Disclose

  18. Patient Authorization • A provider must obtain a patient’s written authorization for any disclosure that is not otherwise permitted or required by the applicable privacy law • An authorization permits but does not require the covered entity to use or disclose PHI

  19. Authorization Must Be Voluntary • Provider may not condition the provision of treatment or eligibility for benefits on receiving an authorization • Except may condition the provision of health care that is solely for the purpose of creating information for disclosure to a third party on an authorization for such disclosure

  20. Authorization Must Be Voluntary • An individual may revoke an authorization at any time • by putting the revocation in writing • except to the extent that the provider has taken action in reliance on the authorization

  21. Authorization Must Be Informed • The individual signing the authorization to disclose information must understand what information will be disclosed, with whom it will be shared, and for what purpose • Any disclosure by a provider must be consistent with the terms of the authorization—the provider is bound by statements in the authorization

  22. Who May Consent to Release of MH/DD Records • Adult client who has not been adjudicated incompetent • Guardian of the person or general guardian of an adult client adjudicated incompetent • Emancipated minor • Legally responsible person for a minor when the minor is being treated pursuant to the LRP’s consent • Unemancipated minor who is being treated pursuant to his or her own consent

  23. Who May Consent to Release of SA Records • Same rules provided in previous slide except that when an unemancipated minor is being treated pursuant to the consent of the minor’s legally responsible person, both the LRP and the minor must sign the consent for disclosure

  24. Court Orders

  25. Subpoenas • A subpoena, alone, does not permit disclosure of information protected by the state mental health law (GS 122C) or the federal substance abuse records law (42 CFR Part 2) • Although the HIPAA privacy rule permits providers to disclose in response to a subpoena, GS 122C and 42 CFR 2 control (where applicable)

  26. Court Order • GS 122C requires, and HIPAA permits, a provider to disclose in response to a court order • No particular procedure, criteria, or findings are required by either law • NC privilege statutes: a judge may order disclosure when “necessary to the proper administration of justice”

  27. Court Order—SA Records • Patient and provider must be given notice and opportunity to respond • Judicial review of records must be incamera • Court must find “good cause” for disclosure • Court must limit disclosure (to essential parts of record and to persons who need the information)

  28. Court Order—Good Cause Findings • Other ways of obtaining the information are not available or would not be effective • The public interest and need for the disclosure outweigh the potential injury to the patient, the physician-patient privilege, and the treatment services. 42 CFR 2.64

  29. Court Orders—SA Records • Court cannot order disclosure of any “confidential communications” made by patient to program unless the disclosure is • necessary to protect against an existing threat to life or serious bodily injury, including circumstances that constitute suspected child abuse and neglect • necessary to the investigation of an extremely serious crime, or • the patient has already offered evidence about confidential communications. 2.63

  30. Disclosures Required by Law

  31. State Law—GS 122C-54(h) • Requires disclosure for purposes of complying with other state laws requiring disclosure: • Child protective services laws • Adult protective services laws • Other state laws, e.g., communicable disease laws • Requires disclosure as required by federal law

  32. HIPAA Privacy Rule—45 CFR 164.512(a) • The rule permits uses or disclosures that are required by other law. • “Required by law” defined as a mandate contained in law that compels a covered entity to make a use or disclosure of PHI and is enforceable in a court of law. Include statutes, regulations, court orders, court-ordered warrants, subpoenas and summons issued by a court, grand jury, inspector general, or certain administrative bodies

  33. HIPAA Privacy Rule—45 CFR 164.512(b) • The rule permits the disclosure of protected health information to a government authority authorized by law to receive reports of suspected child abuse or neglect

  34. HIPAA Privacy Rule—45 CFR 164.512(c) • Permits the disclosure of PHI about an individual believed to be a victim of abuse, neglect, or domestic violence to a government authority authorized by law to receive reports of abuse, neglect, or domestic violence • PHI may be disclosed to the extent the disclosure is required by law and the disclosure complies with and is limited to the relevant requirements of the law

  35. Federal Substance Abuse Law—42 CFR Part 2.12 • The restrictions on disclosure do not apply to the reporting under state law of incidents of suspected child abuse and neglect to appropriate government authorities. 2.12(c)(6)

  36. Federal Substance Abuse Law—42 CFR Part 2 • The federal law does not permit the disclosure of confidential information for purposes of complying with CPS investigation statutes, APS reporting and investigation statutes, or child fatality prevention statutes. • No state law may authorize or compel any disclosure prohibited by the federal substance abuse records law. 42 CFR 2.20

  37. Child Protective Services Law

  38. Child Protective Services—Reporting—GS 7B-301 • State law governing MH/DD/SA services requires reporting. GS 122C-54(h) • HIPAA Privacy Rule permits reporting • Federal law governing substance abuse programs does not apply to restrict reporting. 42 CFR 2.12 (c)(6)

  39. CPS Assessment of Report—GS 7B-302 • State law governing MH/DD/SA services requires disclosure. GS 122C-54(h) • HIPAA Privacy Rule permits disclosure • Federal law prohibits disclosure without client consent to disclose or a court order compelling disclosure

  40. CPS—Protective Services Phase—GS 7B-302 • State law governing MH/DD/SA services requires disclosure. GS 122C-54(h) • HIPAA Privacy Rule permits disclosure • Federal law prohibits disclosure w/o client consent or court order. However, disclosure could be made pursuant to a “Qualified Service Organization Agreement” where applicable. 42 CFR 2.11, 2.12(c)(4).

  41. CPS—Protective Services Phase—QSOA • If DSS is monitoring or coordinating services provided by an SA program for the purpose of preserving the family or protecting the child and the parent does not have an open court case, the SA program and DSS could have ongoing communications pursuant to a QSOA (w/o consent) • DSS could not redisclose patient identifying information to the court or other agencies unless it obtained patient consent or court order

  42. Juvenile Petitions • State law requires designated agencies to share with one another, upon request, information in their possession that is relevant to any case in which a petition has been filed alleging that a juvenile is abused, neglected, dependent, undisciplined, or delinquent (GS 7B-3100, 28 NCAC 01A.0300)

  43. Juvenile Petitions—GS 7B-3100 Disclosures • GS 122C-54(h) requires a mental health facility to disclose information as required by other state law • Section 164.512(a) of the privacy rule permits providers to disclose protected information as required by law • The federal SA law does not permit the disclosure of patient-identifying information pursuant to GS 7B-3100

  44. Adult Protective Services Law

  45. Adult Protective Services—Reporting • State law governing MH/DD/SA services requires disclosure. GS 122C-54(h) • HIPAA Privacy Rule permits disclosure • Federal law prohibits disclosure

  46. Adult Protective Services—Investigation • State law governing MH/DD/SA services requires disclosure. GS 122C-54(h) • HIPAA Privacy Rule permits disclosure • Federal law prohibits disclosure

  47. Child Fatality Prevention System • State law governing MH/DD/SA services requires disclosure. GS 122C-54(h) • HIPAA Privacy Rule permits disclosure • Federal law prohibits disclosure

More Related