n4a Weighs in on HIPAA Privacy Rule Changes About Implications for CBOs
Tuesday, June 1, 2021
Section: May Associate Newsletter

n4a submitted comments responding to an HHS proposal to change Health Insurance Portability and Accountability Act (HIPAA) privacy rules affecting care coordination and case management activities. n4a's letter to HHS reflected input from n4a members about how updates to the privacy rules would affect Aging Network agencies, other community-based organizations and their clients.

A majority of n4a members responding to our request for input about the proposed changes supported proposals that would permit HIPAA-covered entities to disclose protected health information (PHI) to social service organizations, including Aging Network entities, that provide/coordinate health-related services and engage in case management activities; and exempt covered entities from current standards limiting the amount of PHI that can be shared for the purposes of case management and care coordination activities. However, n4a flagged some concerns that these changes could potentially lead some covered entities to inundate local CBOs with referrals and client information.
Additionally, n4a members were either supportive of, or neutral about proposed changes that would increase the ability of individuals to access their own PHI and reduce information-sharing restrictions during emergency or crisis situations, but n4a's letter to HHS noted that loosening these restrictions could potentially lead to conflict within families regarding which caregivers may be entitled to patient PHI.
HHS now must review stakeholder feedback on the proposed changes to HIPAA privacy rules before releasing a final rule. Timing for final changes is uncertain at this point, but n4a will keep members and other stakeholders apprised of significant changes as they roll out from the Administration.