Healthcare Compliance Perspective:
When disclosing PHI, a nursing home must restrict the information to the minimum amount necessary to accomplish the purpose of the disclosure. Any unreasonable use of PHI may result in violation of the Health Insurance Portability and Accountability Act (HIPAA).
A patient’s rights group alleges that an Iowa teen with hemophilia had his privacy rights, covered under the Health Information Portability and Accountability Act (HIPAA), violated when the insurance company covering his illness revealed that it was costing the company over $1 million monthly to treat the youth.
Because hemophilia is so rare in boys (1 in 5,000) and there are only about 25 boys throughout the state of Iowa with the disease, three well-recognized Hemophilia organizations-the National Hemophilia Foundation, the Hemophilia Federation of America and Hemophilia of Iowa-asserted the HIPAA violation.
The complaint contends that, “Given the rarity of the condition and the insurer’s relatively full description of the individual, most neighbors would be able to identify the patient.” It further says the executive’s description identified the teen “just as assuredly as if had she spoken his name or flashed his likeness on the screen, in violation of HIPAA.”
The patient advocacy groups also say the teen was no longer even covered by the insurer when the executive talked publicly about his case in March. It seems that the youth and his family, along with other Iowans, had to switch insurance carriers in 2017 because the insurance company stopped selling individual health insurance policies in 58 Iowa counties. The insurance company declined to respond to the allegation.