Resources for Health Insurance Portability and Accountability Act (HIPAA)

HIPAA won't prevent disclosure to oversight agency

health.cch.com

An Ohio federal court has ruled that the confidentiality requirements of the Health Insurance Portability and Accountability Act (HIPAA) do not excuse Ohio's Medicaid agency from disclosing patient information in a class action to enforce Medicaid's early and periodic screening, diagnosis and treatment (EPSDT) requirements.

The Ohio Legal Rights Service (OLRS) brought the proposed class action as the federally designated protection and advocacy agency charged with the protection of the rights of persons with mental illness, mental retardation, developmental disabilities and other disabilities. The named plaintiffs were individuals under age 21 whose disabilities made certain early childhood intervention services medically necessary.

The plaintiffs had asked for certification of a statewide class consisting of all Medicaid-eligible children up to the age of 21 who have been denied access to necessary services that should have been provided through Ohio’s EPSDT program. The Medicaid agency objected, and the court had ordered the parties to engage in discovery relevant to the class certification.

OLRS subpoenaed county agencies involved in the administration of the Medicaid and EPSDT programs to provide information on Medicaid recipients who might qualify as members of the proposed class. The counties and administrators of the Medicaid program argued that disclosure of this private health information was prohibited under Medicaid law, HIPAA and Ohio law.

View the Resource

Share or bookmarklet this web page at: