Index 42 CFR Part 2Creation and UpdatesHow It WorksThe Moral StandHIPAA vs. Part 2ExperienceConclusionHealth information is a huge field that is largely regulated with laws specific to each aspect of the profession. This is not surprising since the information handled by HIM professionals is sensitive and extensive. Regardless of where a professional goes within HIM, they will always have to comply with the Health Insurance Portability and Accountability Act of 1996 (HIPAA), local and state laws, and other federal laws. Some procedures are specific to the facility aspect but, where a facility houses a patient with certain needs, the laws should always be reviewed and utilized. Patients who come to mental and behavioral services are those who require a specific set of laws to protect their information, as that information is much more sensitive than that of the average patient who comes in for a fracture. Say no to plagiarism. Get a tailor-made essay on "Why Violent Video Games Shouldn't Be Banned"? Get an Original Essay My capstone gave me the chance to visit Porter-Starke Services in Valparaiso, Indiana, which is a mental and behavioral medicine facility. Porter-Starke accepts patients from Porter and Starke counties, although there are several cases of patients from Lake and La Porte County. Because Porter-Starke is a mental and behavioral facility, it is typically the facility that receives patients for substance abuse or addictive disorders. These patients are often known as SUD, which stands for “substance abuse disorder,” and marks them as patients who keep very sensitive information in their records. As a standard, a HIM professional is just a HIM professional and does not have the authority to judge a patient based on their medical records. HIM professionals protect records, encrypt them, and keep information confidential. Even if a patient has been convicted as a criminal, a HIM professional must remain free from judgment and keep records protected and confidential. Regardless of the facility where a HIM professional works, patients need to know that their information is safe. Failure to keep the information safe may lead to the patient terminating treatment early to their detriment. Considering that HIM professionals are under the umbrella of medical personnel, this is counterproductive to medical efforts. Patients visit facilities to improve, not to receive judgment. And, if someone who has done wrong in the past tries to get help to better themselves, it goes against what medicine stands for and sets a precedent that a patient will encounter judgment, and potentially discrimination, during treatment even after they are well. This will have cascading effects on others who will balk at the idea of ​​seeking help in the future; that is not what healthcare is about, and as professionals, we are better than such actions. Regardless of where you stand on any issue, it is your professional duty to keep your biases out of the work and out of the information on the record. Such judgments are harmful to the professional, the patient, the facility and the sector itself. During my time at Porter-Starke, this was emphasized to me from the beginning and is something I will not forget, regardless of where I go. Medical professionals help people, and bad mouthing a patient helps no one. In 1996, HIPAA was passed and established as a law, creating privacy and security regulations as the standard along with many other implications. Essentially, HIPAA hasallowed an employee to continue to receive health insurance through their employer in the event that an employee lost or transferred a job, better defined fraud and abuse in medical information, and better defined the confidentiality and security of medical information. It also eliminated discrimination in medical insurance companies against patients with pre-existing conditions. The Privacy Rule made it a standard that only those with permission had access to medical information, and only the relevant information. This means that if the patient does not provide written consent indicating what information is to be provided and to whom, the requesting person will not be granted access to the information provided. This also means that a patient is allowed to view their information, however, there are circumstances where access is limited, such as psychiatric notes, as these are considered detrimental to the patient's progress. It should also be noted that the information belongs to the patient, however, the record itself, regardless of format, belongs to the facility that holds it. Accidents can happen with medical information; sometimes the letters or numbers are reversed and the information is sent to the wrong person. Sometimes there are some who willfully ignore the law. Regardless of intent, when information reaches someone with limited access, it is called a breach. Violations can be costly to a facility depending on the scope, and that does not include criminal intent. As stated previously, violations can be as simple as a patient sending a letter to the wrong address. The result is typically education and the patient is informed that the information may have been compromised. When the breach is more extensive, involving numerous patients or criminal intent, it can cost thousands and take months to notify all affected patients. And, if the purpose of the violation was criminal intent, offenders could face prison time and fines exceeding $100,000. There are many aspects of breaches and criminal intent regarding medical information; the most common words involved are “fraud” and “abuse”. Fraud is defined as the act of someone using information for their own benefit, such as identity theft. Abuse is the intentional misuse of procedures to benefit an individual, such as intentionally coding a medically unnecessary service in order to obtain a higher reimbursement. However, it is unhealthy to assume that everyone has a similar intent. Again, errors can occur, but it is worth investigating the history of such actions. Being aware of the potential for such actions keeps your information better protected and should suspicions arise. When information falls under consent to be provided, it is often referred to as an "information release" for obvious reasons; is the act of providing the requested information from a record to the requesting individual. When someone requests information from a medical record, the patient, the owner of the information, must sign the consent request before it can be released. If the patient refuses to sign the data will not be released. The signature states that the patient agrees, acknowledges and understands what information is being provided to the individual and, generally, how the requested information will be used. When information is needed by the court, a subpoena is provided to the facility by the court. This is typically provided to the facility's privacy officer. There are numerous reasons why a courtmay need information or, sometimes, for an individual to appear in court. In any case, this is a far from exceptional situation for the facility, as it means that regardless of who attends or what information is provided, it will result in a loss of revenue. If the court asks for information, it means that a HIM professional, nurse or doctor will have to come to court to write down the information or verify it, depending on what is happening in the case. A doctor who has to go to court may be out of the office for a few hours, or even days, during which patients are not seen. Likewise, work is not completed if information is also requested from a nurse or HIM professional. For Porter-Starke, they require a few hundred dollars an hour to have a doctor attend or ask that a doctor can send a letter certifying that the information is valid. The former is used to encourage the court to accept the latter. However, there are some cases where the case is so complex and extensive that it requires the presence of the people involved. In these cases it is inevitable. As one of Porter-Starke's staff members stated, “everything is situational.” While it is best to keep everything within a standard, standards may not always be an option.42 CFR Part 2HIPAA covers the majority of cases encountered, especially within inpatient hospital settings. Of course, for every circumstance, there is always a special circumstance. Mental and behavioral structures, as stated previously, encounter very sensitive information. HIPAA, unfortunately, does not cover some of these aspects in its overall policy. In order to better protect these patients, as well as SUD patients, 42 CFR Part 2 is used and promulgated. This is an extensive law that covers numerous aspects of patient information and special circumstances of handling information and its use. Creation and Updates42 CFR Part 2 was enacted into law in the 1970s as part of the Code of Federal Regulations, where it is one of the fifty titles. The codes are reviewed annually, then divided and revised cyclically over quarters. Part 2 is revised with articles 42 to 50 on October 1 (US Government Publishing Office 2019). Part 2 is under review by some individuals. Last year, in 2018, HR 6082 went to the Senate; in this package, 42 CFR Part 2 would be removed and replaced with HIPAA. While this seems like a wise decision, HIPAA does not take into account the sensitivity of information protected by 42 CFR Part 2. Part 2 requires a special, specific court order to permit release of the information and includes a statement prohibiting re- disclosure to other sources. How it works Part 2 protects patient information, especially in the case of SUD patients, from prohibited re-disclosure and goes into extensive detail about how certain circumstances may affect how information in a record may be used or disclosed or , in some cases, cannot influence them at all. There are five sub-parts of the Act; Subpart A introduces the law, its purpose and effects, criminal appeal and how to report violations of the law; Subpart B covers the general provisions of Part 2 with definitions, how to use the law and restrictions to it; Subpart C covers the information provided with patient consent and the form to be used; Subpart D covers disclosures that do not require patient consent; and subpart E covers “Court Orders Authorizing Disclosure and Use,” or howthe court may use the disclosed information and procedures for court orders. The effect of the Act is to limit the disclosure of information in the register except in certain circumstances which it covers. These certain circumstances include medical emergencies, criminal activity occurring on the program site involving personnel, qualified audits and evaluations, reports of child abuse and/or neglect required by state law, search requests, and court orders for disclosure and the use of documents. If, at any time, these situations require disclosure of information, they are also required to provide the receiving party with a notice prohibiting redisclosure of the information they are about to receive. Failure to comply with the redistribution ban may result in criminal penalties of $500 for a first offense and no more than $5,000 for cases following the first offense. There is also the possibility that a lawsuit will follow from the patient, their family, or the facility where the information originated. As stated previously, the law also goes into detail about how certain situations that may require disclosure of information should be handled. . During my time at Porter-Starke, a situation arose where a doctor was attempting to terminate the doctor-patient contract; the doctor followed the necessary procedures and sent a letter to the patient, where it was retained by the post office, as required by law. The post office informed the patient that they had some mail held for collection. The post office held the letter for the statutory period of time and returned it to the facility, unopened and unclaimed. This circumstance is unusual and required some extensive research to determine what the next action should be. Unfortunately, during my time with Porter-Starke, I was unable to learn how the situation was handled or the outcome. It is, however, a good lesson to know that even if you have worked in a position for decades and believe you know and understand the laws and procedures, there is always the possibility of something new and unique happening. The moral position Some may consider Part 2 is controversial to the point of needing to be replaced; so why does it stay? HIPAA and Part 2 prevent patient information from being freely disclosed, and unfortunately, there are some who believe that medical information should be “fair game” for the rest of the world. This can mean insurance companies looking for a new client or a doctor looking for more patients or even a pharmaceutical company looking for people to advertise to. One can easily imagine what atrocities someone could commit with any medical information taken from any medical record, such as blackmail, identity theft, or selling information. Both laws keep this information from the wrong people, however, Part 2 is controversial simply for the fact that it protects SUD patients and those with mental and behavioral medical conditions. We all make mistakes; sometimes those mistakes are forgotten the next day while others will stick to our person for the rest of our lives. Sometimes these errors are known to everyone, while others are known only to the individual. Regardless, when someone actively tries to seek help, no one should hold these mistakes against them. This is the essence of this law; it gives someone the chance to get help without fear of judgment. I had a discussion with an Indiana University Northwest Criminal Justice Alumni student about this topic. We discussed how someonecould be arrested for substance abuse, whether for possession, dealing, purchasing or transporting, it will be something that will always be on his shoulders for the rest of his life. Regardless of the amount, it can still be a federal conviction, and when someone receives a federal conviction, they are ostracized from the country. To put into perspective, someone with a federal conviction is no longer entitled to vote, will have difficulty finding a job, receiving a loan (which means they are also less likely to receive a higher education), and less likely to be recruited. the military. Knowing this highlights the perspective of the SUD patient. Of course, not all SUDs are attempting to better themselves, however, their information should still be treated with equal respect. It's a small kindness to give them peace of mind knowing their information is protected and free from judgment. Patients who have a mental or behavioral condition should also receive the same treatment. Those who are suicidal should not fear having their information freely disclosed, nor should those suffering from schizophrenia be denied the right to have their information protected. These patients are people and they too should be given respect and sympathy. Health information professionals are not law enforcement, and it is not our place to make those calls. Patient information is our responsibility and we must do our best to make sure it is protected so the patient can hopefully recover. If Part 2 were to be changed or removed, it is likely that fewer patients will return for treatment. Knowing this, a patient is more likely to return to their old habits and potentially get another conviction or cause harm to themselves or others. HIPAA vs. Part 2 HIPAA and Part 2 are very similar in how they work as laws. Both keep information safe and secure and require consent for disclosure. It may be because of their similarities that some believe replacing Part 2 with HIPAA is a wise decision. What these people don't understand is that Part 2 supersedes HIPAA when the question of which law to comply with is raised, as it gives the patient more control over their information, especially in the case of patients with substance use disorders. While both ensure that protected health information is not disclosed or accessed by improper parties, Part 2 furthers the law by stating that information cannot be linked whether or not a patient has a SUD or mental disorder , nor can it be reported that a patient is or is not in a particular program. Part 2 provides those in a program who are treating the patient with the information they simply need for treatment; anything else is prohibited. It also means that a patient cannot be charged or investigated while participating in a program unless an appropriate court order has been made. This also means that it is illegal to place undercover officers in a program to investigate a patient. HIPAA does not have this provision. Both HIPAA and Part 2 have a minimum necessary provision to keep the information limited to simply what is requested, however, HIPAA has the exception that the information may be disclosed to the patient and any other care provider. Experience My personal experience at Porter- The stakes were quite interesting. It was a little difficult at first because one employee would leave and another would be hired in his place. Many staff members were shocked to hear that.