In a letter to the principal deputy administrator of the Substance Abuse and Mental Health Services Administration, the American Hospital Association emphasized its support to align patient data exchange rules with HIPAA.
Currently, a federally assisted substance use disorder program can only release patient identifying information to specific parties as identified by the patient and not by general consent, as outlined in rule 42 CFR Part 2. In February, HHS released a proposed rule that would modernize this rule and facilitate health information exchange with these providers. "HHS wants to ensure that patients with substance use disorders have the ability to participate in new integrated healthcare models without adverse consequences that could result from inappropriate disclosure of patient records," according to an HHS statement.
The AHA does not believe this proposed rule would be an improvement over the current rule, saying it doesn't eliminate existing barriers to sharing patient information essential for care coordination. Instead, the organization believes HIPAA's privacy structure is best suited to promote information sharing and also set the standard for protecting the privacy and security of patient information.
The Part 2 privacy structure, according to the AHA, presents a barrier to behavioral health data integration with physical health data because it differentiates how the two types of data are handled. Instead, the AHA suggests doing away with the categorization of the types of data.
"Permitting providers to handle and treat patient data related to behavioral health as simply another part of a patient's healthcare data protected by HIPAA is an [sic] critical component of a demonstrated more effective approach to caring for and achieving the best outcomes for all patients," reads the letter.
More articles on HIPAA:
Google, Kivney to launch HIPAA-compliant mobile service on Google Cloud
California court rules Millennium Labs' insurer will not cover HIPAA investigation costs
7 things to know about phase 2 of the HIPAA audit program