Presentation is loading. Please wait.

Presentation is loading. Please wait.

Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University 202-687-0880.

Published byLester Johns Modified over 8 years ago

Similar presentations

Presentation on theme: "Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University 202-687-0880."— Presentation transcript:

1 Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University 202-687-0880

2 Joy Pritts, JD 2 Public Concerns 95% adult Americans do not want banks to have access to their medical record information without their permission.* * Gallup Organization nation-wide poll, August 2000, available at: http://forhealthfreedom.org/Gallupsurvey/index.html

3 Joy Pritts, JD 3 Information Networks: HIPAA & GLBA Protected Health Info. (PHI) PHI Health Care Provider Banks Health Care Provider Health Plan PHI Affiliate

4 Joy Pritts, JD 4 Public Concerns Increased access to identifiable health information by banks + Increase in bank-insurer affiliations + More sophisticated computer technology + Potential financial incentive. Concerns about banks obtaining and using health information for consumer credit decisions & sharing health information with affiliates Concerns about banks obtaining and using health information for consumer credit decisions & sharing health information with affiliates

5 Joy Pritts, JD 5 Goal: Protect Privacy of Health Info. as It Flows through the System Claim for payment Protected Health Info. PHI Health Care Provider Banks Health Care Provider Covered Health Plan Covered

6 Joy Pritts, JD 6 Primary Laws Health Insurance Portability and Accountability Act of 1996 (HIPAA) Gramm-Leach-Bliley Act (Financial Services Modernization Act) 1999 Fair and Accurate Credit Transactions Act of 2003 (FACT Act) –Amendments to Fair Credit Reporting Act

7 Joy Pritts, JD 7 HIPAA & Banks Are banks covered by HIPAA? What activities of banks, if any, make them “health care clearinghouses” covered by HIPAA?

8 Joy Pritts, JD 8 Processing Consumer Payment Info. Does Not Make a Bank a HIPAA Clearinghouse Checks or Credit Card Payments Patient Health Care Provider Bank Credit Card Co. Covered NOT Covered Checks or Credit Card Payments 3d Party or Affiliates Info.

9 Joy Pritts, JD 9 Processing 3d Party EFT Does Not Make a Bank a HIPAA Clearinghouse EFT Claim for payment Bank Covered Health Care Provider Covered Health Plan NOT Covered

10 Joy Pritts, JD 10 Does Processing ERAs Make a Bank a HIPAA Clearinghouse? Claim for payment ERA – Identifiable Health Info. ERA Health Care Provider Bank Covered NOT Covered – Sec. 1179 Exemption? Covered Health Care Provider Covered Health Plan Info. 3d Party or Affiliate

11 Joy Pritts, JD 11 Sec. 1179 PROCESSING PAYMENT TRANSACTIONS BY FINANCIAL INSTITUTIONS SEC. 1179. To the extent that an entity is engaged in activities of a financial institution (as defined in section 1101 of the Right to Financial Privacy Act of 1978), or is engaged in authorizing, processing, clearing, settling, billing, transferring, reconciling, or collecting payments, for a financial institution, this part, and any standard adopted under this part, shall not apply to the entity with respect to such activities, including the following: (1) The use or disclosure of information by the entity for authorizing, processing, clearing, settling, billing, transferring, reconciling, or collecting, a payment for, or related to, health plan premiums or health care, where such payment is made by any means, including a credit, debit, or other payment card, an account, check or electronic funds transfer. * * * 42 USCS § 1320d-8

12 Joy Pritts, JD 12 Issue If banks are exempt from HIPAA under 1179, to what extent is medical information held by banks protected by other laws?

13 Joy Pritts, JD 13 GLBA Designed to encourage affiliations between banks and other “financial institutions” Applies only to consumer & customer financial information, not commercial transactions Privacy provisions establish limits on sharing financial information (which may contain medical info.)

14 Joy Pritts, JD 14 GLBA Limits Sharing Consumer Payment Info. Checks or Credit Card Payments Patient Health Care Provider Bank Notice & Opt Out 3d Party Affiliates Information Covered Notice Checks Credit

15 Joy Pritts, JD 15 GLBA Does Not Prohibit Banks from Using Consumer Payment Info. Checks or Credit Card Payments Patient Bank Credit Card Co. Covered NOT Covered Checks or Credit Card Payments Health Care Provider

16 Joy Pritts, JD 16 GLBA Doe Not Prohibit Banks from Using or Sharing Info. from Commercial Transactions Claim for payment ERA – Identifiable Health Info. ERA Health Care Provider Bank Health Care Provider Covered Health Plan Not Covered by GLBA Affiliates 3d Party

17 Joy Pritts, JD 17 Intent of FACT Act Fill some of gaps in privacy protections in: HIPAAGLBA Within context of consumer credit protections

18 Joy Pritts, JD 18 FACT Act Prohibits obtaining & using medical information for consumer credit decision purposes except where banking agencies determine it is “necessary and appropriate” to protect legitimate operational, transactional, risk, consumer and other needs Consistent with intent to restrict use of medical info. for inappropriate purposes Consistent with intent to restrict use of medical info. for inappropriate purposes

19 Joy Pritts, JD 19 Regulations Drafted by Banking Agencies that Allow Using Info. for Credit May be Narrow... Claim for payment ERA – Identifiable Health Info. Health Care Provider Covered Health Plan EFT Patient Checks Credit Covered Banks

20 Joy Pritts, JD 20 … or Broad Claim for payment ERA – Identifiable Health Info. Health Care Provider Covered Health Plan EFT Patient Checks Credit Covered Banks

21 Joy Pritts, JD 21 FACT Act Does Not Prohibit Using Payment Info. for Insurance, Marketing or Other Purposes Claim for payment ERA Health Care Provider Bank Health Care Provider Covered Health Plan NOT Covered EFT Patient Checks Credit

22 Joy Pritts, JD 22 Limits on Sharing Medical Info. Are Not Clear Under best circumstances, permits banks to share medical info. with affiliates for any purpose: Permitted without authorization under Privacy Rule or Referred to under Section 1179

23 Joy Pritts, JD 23 Conclusion If banks are fully exempt under Sec. 1179, the medical information that they receive is not fully protected by other laws.

24 The End

Download ppt "Banks and the Privacy of Medical Information 8 th National HIPAA Summit March 8, 2004 Joy Pritts, JD Health Policy Institute Georgetown University 202-687-0880."

Similar presentations

HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.

HIPAA In Relation to Other Federal Laws Professor Peter P. Swire Ohio State University Consultant, Morrison & Foerster LLP Glasser LegalWorks/HIPAA Conference.
University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.

University Data Classification Table* Level 5Level 4 Information that would cause severe harm to individuals or the University if disclosed. Level 5 information.
Red Flag Rules: What they are? & What you need to do

Red Flag Rules: What they are? & What you need to do
 What is the Privacy Rule? The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) governs the use and disclosure of.

 What is the Privacy Rule? The Standards for Privacy of Individually Identifiable Health Information (Privacy Rule) governs the use and disclosure of.
Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.

Presented by Elena Chan, UCSF Pharm.D. Candidate Tiffany Jew, USC Pharm.D. Candidate March 14, 2007 P HARMACEUTICAL C ONSULTANTS, I NC. P RO P HARMA HIPAA.
HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.

HIPAA: Privacy, Security, and HITECH, Oh My! Presented by Stephanie L. Ganucheau, Special Assistant Attorney General.
Confidentiality and HIPAA

Confidentiality and HIPAA
Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.

Copyright Eastern PA EMS Council February 2003 Health Information Portability and Accountability Act It’s the law.
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.

The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) 252-9321; Victoria Nemerson.

HIPAA PRIVACY REQUIREMENTS Dana L. Thrasher Constangy, Brooks & Smith, LLC (205) ; Victoria Nemerson.
What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,

What is HIPAA? This presentation was created by The University of Arizona Privacy Office, The Office for the Responsible Conduct of Research on March 5,
Health Insurance Portability and Accountability Act (HIPAA)HIPAA.

Health Insurance Portability and Accountability Act (HIPAA)HIPAA.
Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.

Privacy Laws & Higher Education. Agenda 1.Five Privacy Laws a.FERPA b.HIPAA c.GLB d.FACTA Disposal Rule e.CAN-SPAM 2.Overview of the Laws a.What does.
TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.

TM The HIPAA Privacy Rule: Safeguarding Health Information in Research and Public Health Practice Centers for Disease Control and Prevention Beverly A.
 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”

 Original Intent: ◦ Act passed in 1996 with two main goals: 1.Ensure individuals would be able to maintain their health insurance between jobs (the “portability”
CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.

CHAPTER © 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2 The Use of Health Information Technology in Physician Practices.
HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)
© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.

© 2011 The McGraw-Hill Companies, Inc. All rights reserved. 2.5 HIPAA Legislation and its Impact on Physician Practices 2-15 The Health Insurance Portability.
Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.

Health Insurance Portability Accountability Act of 1996 HIPAA for Researchers: IRB Related Issues HSC USC IRB.
© 2004 Property Casualty Insurers Association of America The Alphabet of Federal Legislation Kathleen Jensen Property and Casualty Insurers Association.

© 2004 Property Casualty Insurers Association of America The Alphabet of Federal Legislation Kathleen Jensen Property and Casualty Insurers Association.

Similar presentations

Ads by Google