Jump to content

Privacy Rights


Guest P A Weick

Recommended Posts

Guest P A Weick

Is anyone aware of any law, rule or regulation which limits disclosure of confidential medical information to the executives of the employer which is a third party administrator and administers its own self insured plan?

------------------

Link to comment
Share on other sites

Guest Patricia Ibbs

The Americans with Disabilities Act imposes limitations on the use of medical information obtained about employees. The information must be treated as a confidential medical record and kept in a medical file in a separate locked cabinet, apart from the personnel files and a specific person or persons must be designated to have access to the medical file.

Also, prudent business practice would limit, in general, the access to medical information. If there is no "need to know" then a court will call into question why the employer knows about certain medical information. There was a court case (sorry I don't have the cite) where an employee sued his employer for discrimination. The employer had information that the employee was taking medication for AIDS. The employee argued that the only reason the employer would have this information was to discriminate. When the employee was terminated, he promptly sued.

Link to comment
Share on other sites

Guest Lorna Pate

As a practical matter, when we receive requests from self-funded employers requesting individually identifiable medical/claim information, we request from the employer that its request is in writing and that a plan related reason for requesting information is provided in the correspondence (e.g for audit purposes, to evaluate benefit designs, etc). We also require the employer to sign an indemnification agreement. This protects us (we are a health insurance company (licensed for insurance, HMO business, managed care business. Our product lines are Medicare, Medicaid, and Commercial) in the event the employer uses the information for an improper purpose or if we are sued by the member for making a disclosure.

The Health Insurance Portability and Accountability Act of 1996 (HIPAA), Title II (Administrative Simplication) addresses confidentiality of medical information. (I have not read the actual Act itself, only refereed journals that cite HIPAA). I wrote a paper, a little while back, on the issue of confidentiality and privacy of electronic medical records in the era of managed care. I do remember that HIPAA mandated that Congress pass privacy legislation by August 1999. In the event Congress is unable, the Secretary of Health and Human Services (Shalala) must promulgate rules and regulations.

It can get very sticky when you are dealing with a self-funded plan and the employer wants information from the TPA. You may want to consult state law as to the ownership of records. Our state (Ohio) has court cases on this issue.

Another law that may have an impact is the American with Disabilities Act (ADA), presumably if the information obtained by the employer is used for discriminatory purposes and the employee has a disability.

Link to comment
Share on other sites

Guest P A Weick

Thanks Lorna. I am in Ohio,too. Do you have any citations to those court cases?

------------------

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...