[ Wednesday, July 24, 2002 ]
From Phoenix Health Systems
*** Clergy Access to Patient Information: Where to Begin? ***
The HIPAA Privacy rule permits a covered entity to disclose to a member of the clergy:
(1) the individual's name;
(2) the individual's general condition in terms that do not communicate specific medical information about the individual;
(3) the individual's location in the facility; and
(4) the individual's religious affiliation.
A disclosure of directory information may be made to members of the clergy even if they do not inquire about an individual by name. So, as a covered entity, can you give all members of the clergy access to your entire patient directory?
Covered entities are not required to obtain religious affiliation from patients, nor are they required to provide this information to the clergy. If you choose to give access to the clergy, you must look deeper into the regulations before setting up related procedures.
First, your organization must settle on a process to determine who are members of the clergy and who will be allowed access. Unexpected conflicts should be considered, for example if a newspaper reporter is also a member of the clergy. Another potential problem is that with the ease that one can become a member of the clergy, (for example, becoming a "minister" by doing a quick Internet search and completing a simple online form), should anyone claiming clergy status be given access to patient information?
In addition, you should be able to honor patients' rights to a meaningful opportunity to opt-out of directory listings or to restrict some or all of the uses and disclosures that might be included. Many patients may not want their religious affiliation shared with anyone, or they may want it restricted to their minister or denomination. Individuals should be free to determine whether they want their religious affiliation disclosed to clergy through facility directories.
Clearly, policies and procedures in this area must include more than a simple inquiry for the patient's religious affiliation and a request for permission to provide this information to clergy members. As with so many aspects of patient privacy under HIPAA, the devil is in the details. Carefully think through and implement a process that explains how and to whom patient information will be shared, and provides a genuine means for determining not only if patients want their information shared with clergy, but if they also wish their religious affiliation shared. Then make sure all affected staff have access to the patient's recorded choices, and are trained to follow through accordingly.
William M. Miaoulis, Principal
Phoenix Health Systems
That's today's HIPAAnote...now, pass it along!
Jeff [9:15 AM]
Blogger: HIPAA Blog - Edit your Template