For more stories like this, sign up for the PLANSPONSOR NEWSDash daily newsletter.
Compliance November 2, 2005
Court Rejects Appeal to HIPAA Case
November 2, 2005 (PLANSPONSOR.com) - The US 3rd
Circuit Court of Appeals has decided the US Department of
Health and Human Services (HHS) did not violate the US
Constitution or HIPAA by eliminating the consent requirement
from HIPAA's privacy rules.
Reported by Rebecca Moore
Citizens for Health, a coalition of organizations and individual health care providers and/or patients, had challenged HIPAA’s privacy rules, as amended in 2002. Thompson reports that the group’s members claimed that, by allowing “routine uses” of protected health information (PHI) without consent, HHS violated their constitutional rights to privacy and free speech. They also claimed that this rule change was outside the scope of the authority granted HHS by HIPAA, and that the agency did not allow adequate public notice and comment on it, according to Thompson.
In April 2004, a district court ruled that the amended HIPAA rules do not violate constitutional rights to medical privacy or private physician-patient communications because they do not actually require PHI disclosure without consent. In its agreement with the district court decision, the appellate court added that the unconsented PHI disclosures complained of are not subject to the Constitution at all because they are not “state action.”
The appellate court also agreed with the lower court that HHS had reasonably balanced HIPAA’s goals of health care efficiency and privacy and that the agency’s explanation of its change from the original 2000 rules was adequate and provided a reasoned analysis.
The case is Citizens for Health v. Leavitt, 2005 WL 2839824 (3rd Cir., Oct. 31, 2005).