5 Things to Know About HIPAA when Advocating for Friends or Family

Written by on September 18, 2012 in Money - No comments | Print this page


One of the only things that might compare to the strain of not having health insurance in America is the paperwork you have to go through to actually get health insurance. Add that onto all of the hoops you have to jump through when a loved one is ill and suddenly just taking the risk of going without almost seems like a more attractive, albeit bill-laden, option.

But when you break it down, the law governing most of these things, HIPAA, is actually quite simple. Without being a lawyer, you can still maneuver the provisions of HIPAA, and protect your loved ones, yourself and your sweet, sweet health insurance, just by knowing a few key things about the law.

Know Your Coverage Rules

One of the key provisions of HIPAA governs the transfer of health insurance between jobs, or as is more likely these days, between jobs and periods of soul-crushing unemployment (the P stands for Portability). The law also covers when employers can and cannot deny you coverage for pre-existing conditions. The details can be complex, but there are essentially two phrases to remember: “Credible Coverage” and “Significant Break.”

“Credible Coverage” is a very forgiving term and basically means “any type of general health insurance”. If you were, and have been, covered without any “Significant Breaks” in your coverage, it becomes a lot more difficult for companies to deny coverage for pre-existing conditions–with limits generally capped at 12 months.

A “Significant Break” in coverage is generally defined as 63 days without “Credible Coverage”. At this point the law has basically decided you are a freeloader who will only buy insurance once you get sick. Arguing for the coverage of yourself or your loved ones becomes significantly easier and likely to succeed when there’s a record of continuous coverage without significant breaks. So even if you’re going with the Safe Auto of insurance plans with a deductible higher than the cost of just purchasing black market organs, you will likely end up benefiting in the long run from the continuous coverage.

How to Get Access to Your Information

One of the primary ways in which most people hear the word “HIPAA”, is when trying to get access to medical records. In addition to ordering a major revamp of how patient data is stored and shared, HIPAA also imposes strict regulations on who can get access to your medical records. On the one hand, this is was a needed upgrade to medical records-keeping and helps protect patient privacy. On the other hand, it’s a nightmare if you’re trying to get information about a friend or family member undergoing care.

Because of the steep fines associated with leaking private medical records, most doctors will simply remain mum if asked for information — preferring one angry family member to a multi-million dollar lawsuit. But that means if you need to check in on someone, you will have to push back. The most important distinction here is whether or not you are a qualified individual — basically someone who could legally represent the patient. So if you are a spouse, a parent or a sibling, you’re good (though it varies state-to-state). If your friend or, depending on the state, same-sex partner is in the hospital, you’re going to have a much harder time. Getting a non-relative qualified is a much thornier area, and deserves a call to a lawyer.

Protect Your Privacy

The flip side to the privacy coin is that your medical records are safer than ever. So safe, in fact, that scientists have had trouble getting legal access to medical records in order to do research. The upside for patients is that some of their most intimate and personal details are safely away from prying eyes — locked behind that lazy doctor who’s playing it safe.

Under HIPAA only “covered entities” are allowed access to your medical records — and even then they are limited only to the data necessary to perform their tasks. That is, the medical billing company will know you underwent a CT scan so they can bill you for it, but they shouldn’t have access to the results. Generally speaking, only health care clearinghouses, employer sponsored health plans, health insurers, and medical service providers should be able to demand access to your records.

There are a handful of incidences where your records might be shared with people outside this list, however. The child who is repeatedly admitted for suspicious bruises will likely have their information shared with law enforcement — in fact, doctors are legally required to report any suspicions of child abuse. Only the patient or their representative can permit the disclosure of information outside of these circumstances. Importantly as well, the disclosure must be explicit and often in writing. Implicit consent, or ‘you consented by not saying no’, doesn’t cut it.

Accessible and Accurate Records

While HIPAA does force medical professionals to be very careful with your information, it’s not exactly put in a lockbox and hidden in secret vaults. In fact, patients are allowed to request access to their medical history and see anything notated therein without impediment (i.e. someone agreeing only to release records if the patient waives their right to sue). While this may seem unimportant (after all, are you really going to forget all those painful maladies?) those records can have several important ramifications.

First off, it’s important to insure that the records are medically accurate. That is, if you’re allergic to penicillin and are generally attached to all of your limbs, you want the record to read “Allergic to Penicillin; Do not amputate”, instead of, say, “Penicillin junkie; Arms and Legs Optional”. A doctor who sees hundreds of patients every week is likely to forget many small details — you have to advocate for yourself or for your loved one.

Second, those records can have severe consequences for your insurance. An incorrect notation could mean the difference between a small infection and a serious pre-existing condition that could make you ineligible for care down the road. On top of this, it could affect your premiums once you do have insurance.

If Something Goes Wrong

Knowing the details of HIPAA will only get you so far when a healthcare professional or insurance company just decide to ignore or creatively interpret it. If you believe your rights under HIPAA are being violated in any way, the first step is to contact the Department of Health and Human Services Office of Civil Rights (OCR). They’re the government office in charge of making sure everyone plays by the rules. If your case ends up in your favor, the payout could be in the millions.

Unfortunately, the OCR has a bad habit of taking forever to address complaints, owing to a huge backlog. Your best bet at that point is to find a different doctor, different hospital, or different insurer if possible. After all, HIPAA ensures a smooth portability of your insurance and medical records between these entities.

If neither of these produces any result, and you’re serious about advocating for yourself or your loved one, some people have had success going to the press with their issues. A Wall Street Journal article scandalizing the OCR for its lack of action was followed by an agreement by UCLA to finally pay the fines it owed for allowing unauthorized access to medical records. Hopefully, with a little bit of foreknowledge, it won’t come to that.

This is a guest article.  This article was contributed by Interfysio, a healthcare staffing agency.

Image by Stuart Miles: FreeDigitalPhotos.net


About the Author

Guest Blogger

This article was written by a guest contributor. You will find their details at the bottom of the post. To submit your own Guest Post to our website, please visit our SUBMIT page for details about adding your article.