alexa Posted February 18, 2002 Posted February 18, 2002 I have been assigned the task of investigating what state privacy laws are out there that may be more liberal than HIPAA privacy requirements. I am aware that the state of CA has passed a bill on privacy. What other states have done so? Can anyone recommend a good referral source for this info? We are self insured and have employees in all 50 states. Much thanks
Jbentz Posted February 18, 2002 Posted February 18, 2002 I would try the American Hospital Association web site (www.aha.org). I have heard that they have a state by state list; however, we are not a hospital, so i have not seen it. I would also try www.wedi.snip.org and www.hipaadvisory.org. Contact me if offline if you would like anymore information.
alexa Posted February 18, 2002 Author Posted February 18, 2002 aha has soemthing about state laws on theri website but you must be a member to access The other 2 sites were not available?
Jbentz Posted February 18, 2002 Posted February 18, 2002 It is wedi.snip.org and www.hipaadvisory.com. Sorry about that. I am not sure you are going to be able to find a single location for this info. You might also try hipaasummit.com and look through the past presentations for the information. I know they have addressed this issue with some states in the past, i just don't know if they are all included.
Linda Posted February 25, 2002 Posted February 25, 2002 alexa48 -- What sort of covered entity are we talking about? If we’re talking about an employer that sponsors a self-insured group health plan (and is not otherwise a covered entity such as a hospital system), you may be lucky. While the HIPAA privacy regs do not preempt more stringent state laws, the HIPAA privacy regs do not change or in any way diminish ERISA preemption of state law. This is actually discussed in the preamble of the HIPAA privacy regs.
alexa Posted February 25, 2002 Author Posted February 25, 2002 Linda, We are for the most part self-insured. We have some HMO's as well in about a dozen states. So from what you are saying, we only have to worry about the states where we have the HMO's? If so, great news! I'll doublecheck the preamble. Thanks
Linda Posted February 25, 2002 Posted February 25, 2002 My guess is that any state privacy laws that are more stringent than the HIPAA rules apply to the HMOs, but not to the employer paying for the HMOs. Again, I think it’s a question of ERISA preemption when we’re talking about the handling of health information generated in connection with a group health plan. A state can reach an HMO (or insurer) but cannot reach the employer on group health plan matters. Like state mandated benefits. So, if I'm right, the HMOs need to compare HIPAA to state law and comply with the more stringent. This could affect what (if any) info the employer can get out of the HMO. But, while the employer does need to comply with HIPAA (if it gets more than summary health info out of the HMO), the employer doesn't have to be concerned about compliance with more stringent state law.
Steve72 Posted February 25, 2002 Posted February 25, 2002 Georgetown did a comprehensive summary of state privacy laws. I don't know if it's regularly updated, but it's a good starting point: http://www.healthprivacy.org/info-url_noca...o-url_nocat.htm
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now