Doulas, HIPAA, and Client Confidentiality

with No Comments

Doulas, HIPAA, and Client Confidentiality

Client Confidentiality and New Beginnings

Confidentiality is a part of the standards of a New Beginnings Doula.  It is expected that client’s information be kept private and out of the public realm, unless permission has been given to share.  It is also an expectation outlined in our code of ethics.

Why Is Confidentiality Important?

Creating a trusting relationship between the doula and her client is important due to the private and sometimes very personal nature of work a doula does.  Without that trust, a client may not feel comfortable sharing everything they need to in order to ensure the best care possible.

What Does It Mean to Keep Information Confidential?

With the standards and code of ethics given to a New Beginnings Doula, they have an obligation to make sure they follow these standards.  Sometimes information may need to be shared with other members of the birth team in order to maintain communication in providing care.  For learning purposes, some information may also need to be shared with the course instructor and other students, but a client should still fill out a confidentiality release form.  In order to keep this information confidential, a separate group has been created that we use for this and other purposes, and it is only open to students and alumni.

What Is Considered Inappropriate Disclosure of Private Information?

Disclosing any information to the family or friends of a client is not appropriate unless permission is given.  Also, discussing private information in a public forum or publicly online without permission is also not appropriate.

Whether or not you follow HIPAA guidelines, confidentiality is still expected from New Beginnings doulas.

Is HIPAA for Doulas?

In the United States, many doulas and doula organizations mistakenly believe that HIPAA was designed to protect client confidentiality in all cases under all circumstances. So you will see statements like this made:

  • “Due to the HIPAA regulations all doulas should have a signed release form.”
  • A doula “adheres to patient confidentiality in accordance to Health Insurance Portability and Accountability Act (HIPAA) regulations”.
  • As a doula “it is important to be HIPAA compliant so please read more about HIPAA here”.
Some doulas feel it is important to say they are HIPAA compliant as a way of showing their professionalism and legit claim as a respected member of the healthcare team.

In reality, HIPAA may or may not apply to you depending on the circumstances and how your business transmits information.  However, it does not apply across the board to all doulas, everywhere.  It is your own commitment to confidentiality, skill, and training, that should set you apart as an organization or professional.  You do not need laws to establish this for you.

 

So What Is HIPAA?

In 1996, the U.S. Government passed the Health Insurance Portability and and Accountability Act (HIPAA, note emphasis added on “Health Insurance”).

  • It requires Health and Human Services(HHS) to set standards for electronic health care transactions, set codes, identifiers, and security.
  • It also realized that technology may impact patients privacy and required standards to protect it in regards to these transactions.

Notice that HIPAA was not primarily about confidentiality, but about standards for electronic transactions (primarily to and from Health Insurance companies).  It was created to improve the “efficiency and effectiveness of the healthcare system” (ASPE, 2000). The need for privacy was acknowledged in this law, but more as a byproduct, not the reason for the law.

2000-Privacy Act was created to protect individuals privacy in regards to their healthcare information that was a part of electronic health care transactions.

Who Does HIPAA Apply To?

According to the privacy rule, HIPAA applies to health plans, health care clearinghouses, and certain healthcare providers.  It also applies to business associates that may work with these groups.

This is from the HHS.gov (U.S. Department of Health & Human Services)  website:

A healthcare provider includes

  • Doctors
  • Clinics
  • Psychologists
  • Dentists
  • Chiropractors
  • Nursing Homes
  • Pharmacies

…but only if they transmit any information in an electronic form in connection with a transaction for which HHS has adopted a standard.

It is debatable whether or not doulas are actually considered a healthcare provider.  If they are, HIPAA only applies to them if they use transactions that HHS has a standard for(which, remember, is why HIPAA was really created in the first place: to create standards for certain electronic transmissions to make the system more efficient), or can be considered a business associate of one of the groups it applies to.

What Electronic Transmissions Has HHS Created Standards For?

Again from the hhs.gov website:

  • As required by HIPAA, the Secretary of Health and Human Services is adopting standards for the following administrative and financial health care transactions:
    1. Health claims and equivalent encounter information.
    2. Enrollment and disenrollment in a health plan.
    3. Eligibility for a health plan.
    4. Health care payment and remittance advice.
    5. Health plan premium payments.
    6. Health claim status.
    7. Referral certification and authorization.
    8. Coordination of benefits.

    Standards for the first report of injury and claims attachments (also required by HIPAA) will be adopted at a later date.

So if you do not use these types of electronic transmission, than HIPAA does not apply to you.

All that said, so much of this law depends on how it is interpreted, and many doulas choose to provide confidentiality forms to protect their client’s information regardless.

This website lists some examples of case complaints to give you an idea of what types of transactions were prosecuted.

What Do You Need to Do If You Decide It Does Apply to You?

If you have decided that it does apply to you, or you want to call yourself HIPAA compliant, than, yes, you will have to sign confidentiality statements.  But it also involves a whole lot more.  I would encourage you to check out the hhs.gov website to help you understand what you may need to do in your business in order to comply.  Policies and procedures will  need to be created and set in place in order to be compliant with all of HIPAA laws, some of which are more than just confidentiality.  You will also need to appoint a HIPAA compliance officer that oversees the process.  Keep in mind that if you intend to market yourself as HIPAA compliant, you need to make sure you are following all the rules,  not just the ones regarding confidentiality.

More Education Regarding HIPAA Compliance

Patient Privacy: A Guide for Providers

HIPAA Enforcement Training

How do I Become HIPAA Compliant

References

Information regarding the HIPPA law comes from this website(unless otherwise noted): http://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html

ASPE. (2000). Frequently asked questions about eletronic transaction standards adopted under HIPPA. Retrieved online July 28, 2014: https://aspe.hhs.gov/report/frequently-asked-questions-about-electronic-transaction-standards-adopted-under-hipaa

De Bord, Jessica. (2013). Confidentiality. Retrieved online September 23, 2016: https://depts.washington.edu/bioethx/topics/confiden.html

Iwlew, Cindy, Howk, Erin. (2014). Your Practice and HIPAA. Retrieved online September 23, 2016: https://www.abmp.com/textonlymags/article.php?article=801

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.