Robert
-
I
think I need to question one of your assumptions, and your approach to this kind
of problem.
#1 the
assumption that: <the individual
has lost the right to privacy once they break the law> is not correct, and is
in fact dangerously incorrect.
HIPAA does not state
that principle anywhere. It does list a number of conditions under which PHI may
be disclosed: for TPO, under an authorization, and under the conditions listed
in 45 CFR 164.512 (uses and disclosures not for TPO for which no authorization
is required). If you read that regulation you will see that subsection (a) does
permit a disclosure required by law, while subsection (f) sets out the specific
requirements for disclosures for law enforcement purposes. (The other
exceptions in this regulation don't appear likely ever to apply to this kind of
situation). If there is a law on the books requiring disclosure of drug-seeking
behavior, exception (a) would apply; but I am not aware of any such laws
(doesn't mean there aren't any, I just don't know of any).
This is a very
different approach to privacy from the assumption that "if you break the
law you lose your privacy." While the U.S. Constitution does not explicitly
state a privacy right (there are theories that it does so implicitly, but that's
another set of questions), HIPAA does create a statutory/regulatory set of
privacy obligations on the part of CEs and entitlements on the part of
individuals. I frankly don't think that a pharmacist's judgment that he thinks
someone has broken the law by improperly seeking drugs (by the way, *is*
drug-seeking behavior a crime? or just a basis for suspicion of a crime? or are
we using an alert of this kind to prevent health problems and
over-prescription?) will suffice to eliminate this entitlement (as a matter
of law) or relieve the pharmacist, as a CE, of his or her obligation to respect
these privacy entitlements by complying with the regulations. (By the way, what
if he's wrong? In addition to breach of privacy there might well be a suit for
libel available.)
This is not to say
something can't be done to communicate about this kind of problem - we have
discussed it quite a bit and there have been a number of good postings on the
subject - but the way to approach a solution it is to start with the regulations
and read them carefully. (Also any applicable business associate
contracts; for example, in your example of the PBM, has the PBM
checked to make sure any BAC it has with a CE that provided some of the PHI which
describes the prescriptions written permits that kind of disclosure? There are
some badly drafted documents out there, not all of which might allow for
everything you would like to assume they do.)
The underlying point
being that with HIPAA coming into effect decisions like these have to be made in
a more formal way, with actual reference to regs and contracts and not in
reliance on what you assume should be the right result.
John R.
Christiansen
Preston | Gates | Ellis LLP
701 Fifth Avenue, Seattle, Washington 98104
(Direct: 206.613.7118 - (Cell: 206.683.9125
* [EMAIL PROTECTED]
Preston | Gates | Ellis LLP
701 Fifth Avenue, Seattle, Washington 98104
(Direct: 206.613.7118 - (Cell: 206.683.9125
* [EMAIL PROTECTED]
-----Original Message-----Yes and no. First, they are breaking the law when they doctor-shop for
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
Sent: Thursday, January 16, 2003 12:05 PM
To: WEDI SNIP Privacy Workgroup List
Subject: Re: Here is a good Privacy Issue that will cause problems
narcotics. Secondly, who is responsible for report this to law enforcement?
The question comes up, how did you know the individual went to different
pharmacies? were you told by the same chain of pharmacies? Usually it will be
tracked by the PBM when multiple pharmacies are being used. That's why our
organization wants to control narcotics OTC. Oxeycontin is usually a long
term medication for severe pain and should be provided mail (where there are
systems in place to catch this kind of misuse). It is a red flag when
narcotics are being prescribe OTC. With regard to what should happen; the
PBM should write letters to all physicians that prescribe this narcotic to
the individual in question, making them aware of the manufacturers protocol
and the total number of pills being prescribed -- this is done as a matter of
post utilization review for OTC drugs.
The question is who has the responsibility to report this to the authorities?
I believe under your scenario, the individual has lost the right to privacy
once they break the law.
Please correct me if I am wrong in my assumptions.
Thanks, Robert
Robert Blinch-Edwards
Executive Director
Healthcare Sarasota, Inc.
1991 Main Street, Suite 148
Sarasota, FL 34236
Tel: 941-917-7995
Fax: 941-917-1930
email: [EMAIL PROTECTED]
Web: www.hcsrq.com
In a message dated 1/15/2003 3:43:15 PM Central Standard Time, [EMAIL PROTECTED] writes:
Subj: Here is a good Privacy Issue that will cause problems
Date: 1/15/2003 3:43:15 PM Central Standard Time
From: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent from the Internet
Today, a clinic that I work with received a letter from a local pharmacy
about a patient that was a "Drug Seeker" as we call them. Over the
course of 30 days he had been to several doctors and several pharmacies
and received over 350 total pills all a controlled substance.
What happens to the pharmacy's ability to do these types of things
under Privacy?
Clearly, pharmacist were communicated information back and forth to
each other and to physicians on this person. They even sent letters to
all physicians in the area.
Problem? yes or no
Rebekah Savoie, CCS-P
Healthcare Consultant
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
Confidentiality Note:
The information contained in this email message is legally privileged and confidential, intended only for the use of the individual or entity named above. If the reader of this email message is not the intended recipient, you are hereby notified that any dissemination, distribution, or copy of this
email message is strictly prohibited.
Robert Blinch-Edwards
Executive Director
Healthcare Sarasota, Inc.
1991 Main Street, Suite 148
Sarasota, FL 34236
Tel: 941-917-7995
Fax: 941-917-1930
email: [EMAIL PROTECTED]
Web: www.hcsrq.com
---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org ---
The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time.
You are currently subscribed to wedi-privacy as: [email protected]
To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED]
If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
