Does HIPAA Apply to a Federal Subpoena?
The Health Insurance Portability and Accountability Act (HIPAA) was organized by Congress in 1996 as a means of protecting private health care information for patients. Covered entities, such as doctors and health insurance plans, are impacted by HIPAA standards. However, federal subpoenas have an exemption from disclosure policies.-
Disclosure Policy
-
Under HIPAA's Privacy Rule, covered entities must obtain written consent from a patient to have his or her health care information disclosed for purposes other than treatment. When information is disclosed without patient authorization, this constitutes a HIPAA violation, which is a federal offense.
Exception
-
If patient health care information is subpoenaed by a federal court, judge or other official, then the covered entity does not have to obtain written consent from the patient before the information is turned over. Federal subpoenas claim superiority over the HIPAA disclosure policy.
Clarification
-
Federal entities and legal authorities must maintain the protection of health care information once it is in their possession. That is, they must be sure to keep the information safe and secure so that unauthorized personnel cannot access it. Additionally, discussing patient information with others beyond legal purposes, such as discussing the patient with a friend or spouse, is a HIPAA violation.
-