with 1 Comment

Doulas, HIPAA, and Client Confidentiality

Client Confidentiality and New Beginnings

Confidentiality is an important part of the standards of a New Beginnings Doula.  It is imperative that clients’ information be kept private and out of the public realm, (unless permission has been given to share.)  It is also an expectation outlined in our code of ethics.

Why Is Confidentiality Important?

Due to the private and sometimes very personal nature of doula work, creating a trusting relationship between the doula and client is vastly important  Without that trust, a client may not feel comfortable sharing everything they need to share in order to ensure the best care possible.

What Does It Mean to Keep Information Confidential?

With the standards and code of ethics given to a New Beginnings Doula, you have an obligation to make sure you follow these standards.  Sometimes information may need to be shared with other members of the birth team to maintain communication in providing care.  For learning purposes, certain information may also be shared with the course instructor and other students, but a client should still fill out a confidentiality release form.  In order to keep this information confidential, a separate group has been created that we use for this and other purposes, and it is only open to students and alumni.

What Is Considered Inappropriate Disclosure of Private Information?

Disclosing any information to the family or friends of a client is not appropriate unless permission is given.  Also, discussing private information without permission in a public forum, or publicly online, or even on social media, is considered an inappropriate breach of privacy.

Whether or not you follow HIPAA guidelines, confidentiality is still expected from New Beginnings doulas.

Is HIPAA for Doulas?

In the United States, many doulas and doula organizations mistakenly believe that HIPAA was designed to protect client confidentiality in all cases under all circumstances. So you will see statements like this made:

  • “Due to the HIPAA regulations all doulas should have a signed release form.”
  • A doula “adheres to patient confidentiality in accordance to Health Insurance Portability and Accountability Act (HIPAA) regulations”.
  • As a doula “it is important to be HIPAA compliant so please read more about HIPAA here”.
Some doulas feel it is important to say they are HIPAA compliant as a way of showing their professionalism and legit claim as a respected member of the healthcare team.

In reality, HIPAA may or may not apply to you depending on the circumstances and how your business transmits information.  However, it does not apply across the board to all doulas, everywhere.  It is your own ethical commitment to confidentiality, skill, and training that should set you apart as an organization or professional.  You do not need laws to establish this for you.

So What Is HIPAA?

In 1996, the U.S. Government passed the Health Insurance Portability and Accountability Act, otherwise known as HIPAA. (Note the emphasis added on “Health Insurance”).

  • It required Health and Human Services (HHS) to set standards for electronic health care transactions, set codes, identifiers, and security.
  • It also realized that technology may impact patients’ privacy and required standards to protect it in regards to these transactions.

Notice that HIPAA was not primarily about confidentiality, but about standards for electronic transactions (primarily to and from Health Insurance companies).  It was created to improve the “efficiency and effectiveness of the healthcare system” (ASPE, 2000). The need for privacy was acknowledged in this law, but more as a byproduct, not the reason for the law.

2000-Privacy Act was created to protect individuals’ privacy in regards to their healthcare information that was a part of electronic health care transactions.

Who Does HIPAA Apply To?

According to the privacy rule, HIPAA applies to health plans, health care clearinghouses, and certain healthcare providers.  It also applies to business associates who may work with these groups.

This is from the HHS.gov (U.S. Department of Health & Human Services)  website:

A healthcare provider includes

  • Doctors
  • Clinics
  • Psychologists
  • Dentists
  • Chiropractors
  • Nursing Homes
  • Pharmacies

…but only if they transmit any information in an electronic form in connection with a transaction for which HHS has adopted a standard.

It is debatable whether or not doulas are actually considered a healthcare provider.  If they are, then HIPAA only applies to them if they use transactions that HHS has a standard for, or if they are a business associate of one of the groups it applies to. Remember, this is why HIPAA was really created in the first place: to create standards for certain electronic transmissions to make the system more efficient.

What Electronic Transmissions Has HHS Created Standards For?

Again from the hhs.gov website:

  • As required by HIPAA, the Secretary of Health and Human Services is adopting standards for the following administrative and financial health care transactions:
    1. Health claims and equivalent encounter information.
    2. Enrollment and disenrollment in a health plan.
    3. Eligibility for a health plan.
    4. Health care payment and remittance advice.
    5. Health plan premium payments.
    6. Health claim status.
    7. Referral certification and authorization.
    8. Coordination of benefits.

    Standards for the first report of injury and claims attachments (also required by HIPAA) will be adopted at a later date.

So if you do not use these types of electronic transmission, then HIPAA does not apply to you.

All that said, so much of this law depends on how it is interpreted, and many doulas choose to provide confidentiality forms to protect their client’s information regardless.

This website lists some examples of case complaints to give you an idea of what types of transactions were prosecuted.

What Do You Need to Do If You Decide HIPAA Does Apply to You?

If you have decided that it does apply to you, or you want to call yourself HIPAA compliant, then you will have to sign confidentiality statements. But it also involves a whole lot more than just that. I encourage you to check out the hhs.gov website to understand what you may need to do in your business in order to comply.  Policies and procedures will need to be created and set in place in order to be compliant with all of HIPAA laws, some of which are more than just confidentiality.  You will also need to appoint a HIPAA compliance officer that oversees the process.  Keep in mind that if you intend to market yourself as HIPAA compliant, then you need to make sure you are following all the rules, not just the ones regarding confidentiality.

More Education Regarding HIPAA Compliance

Patient Privacy: A Guide for Providers

HIPAA Enforcement Training

How do I Become HIPAA Compliant

References

Information regarding the HIPPA law comes from this website (unless otherwise noted): http://www.hhs.gov/hipaa/for-professionals/privacy/laws-regulations/index.html

ASPE. (2000). Frequently asked questions about electronic transaction standards adopted under HIPPA. Retrieved online July 28, 2014: https://aspe.hhs.gov/report/frequently-asked-questions-about-electronic-transaction-standards-adopted-under-hipaa

De Bord, Jessica. (2013). Confidentiality. Retrieved online September 23, 2016: https://depts.washington.edu/bioethx/topics/confiden.html

Iwlew, Cindy, Howk, Erin. (2014). Your Practice and HIPAA. Retrieved online September 23, 2016: https://www.abmp.com/textonlymags/article.php?article=801

Follow Rachel Leavitt:

Rachel has worked as a register nurse (BSN from University of Utah) since 2004 with a work history in Labor and Delivery, NICU and Postpartum Care. She is also the founder of New Beginnings Doula Training which she organized in 2011. When she's not busy being a mother and grandmother, she can be found reading research papers related to some aspect of childbirth.

One Response

  1. Olivia Edwards
    | Reply

    Does electronically created and signed doula contracts fall under the HIPPA guidelines?

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.