New HIPAA Opioid Guidance out of HHS

HIPAA opioid guidanceThe Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced that it will be releasing new HIPAA Opioid Guidance in response to President Trump’s declaration of a nationwide public health emergency.

HHS is the executive body governing HIPAA regulation, and OCR is the HIPAA enforcement body behind the regulation.

The new HIPAA Opioid guidance will outline how and when healthcare professionals may share protected health information (PHI) in the event of an opioid-related health crisis. These crises can include incapacitation, like circumstances involving an opioid overdose.

Prior to the new HIPAA opioid guidance, healthcare providers were barred from sharing patient information in the event of an opioid overdose with the patient’s family, friends, and legal representatives. This limitation has been widely criticized by families of opioid-dependent individuals and health care professionals alike as an unnecessary burden that restricts quality of care.

“HHS is bringing all of the resources our department has to bear in order to address this crisis. This will ensure families have the right information when trying to help loved ones who are dealing with the scourge of drug addiction,” said Acting HHS Secretary Eric D. Hargan.

“We know that support from family members and friends is key to helping people struggling with opioid addiction, but their loved ones can’t help if they aren’t informed of the problem,” said Director Roger Severino, of the HHS Office for Civil Rights. “Our clarifying guidance will give medical professionals increased confidence in their ability to cooperate with friends and family members to help save lives.”

In general, the HIPAA Privacy Rule does not allow disclosures to family or legal representatives unless expressly stated in a proper patient consent form and accompanying HIPAA policy. Standards involving the disclosure of PHI to patients themselves are also heavily regulated under the HIPAA privacy rule.

Healthcare professionals are federal mandated to have documented HIPAA policies and procedures that address each aspect of HIPAA regulation. Regulatory standards are outlines in the HIPAA Privacy Rule, the HIPAA Security Rule, the HIPAA Breach Notification Rule, and the Omnibus Rule.

Without proper policies and procedures in place, health care organizations run the risk of HIPAA violations and significant financial penalties.

HIPAA Resources

Compliancy Group gives behavioral health professionals confidence in their HIPAA compliance with The Guard®. The Guard is a web-based HIPAA compliance solution, built by former auditors to help simplify compliance.

Compliancy Group’s team of expert Compliance Coaches® field questions and guide users through the implementation process, taking the stress out of managing compliance. The Guard is built to address the full extent of HIPAA regulation, including your HIPAA policies and procedures with full documentation to back them up.

With The Guard, behavioral health professionals can focus on running their practice while keeping their patients’ data protected and secure.

Find out more about how Compliancy Group and the HIPAA Seal of Compliance® can help simplify your HIPAA compliance today!


Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.



Rate this post!

(2 raters, 10 scores, average: 5.00 out of 5)

Leave a Reply

Name and email are required. Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.