As dental offices move from hard-copy records tucked away in file cabinets to practice management software, turning patient data into ones and zeroes stored on a server, the laws managing this information such as the Health Insurance Portability and Accountability Act (HIPAA) evolve to keep up with the changing technology.
To forestall confusion and potential problems, federal agencies have collaborated to release an online fact sheet to explain how practices can share electronic protected health information (PHI) with public health agencies without obtaining an individual’s written authorization, per HIPAA regulation 45 CFR 164.512(b).
The fact sheet provides examples of how HIPAA supports the electronic exchange of information, including contagious disease tracking, provider participation in cancer registries, and monitoring the health of children who have experienced lead poisoning, which all are subject to minimum necessary rules.
Other public health activities described in the new fact sheet include:
- Collecting protected health information to monitor, prevent, and track disease and vital statistics such as birth and death records; engaging in public health interventions; and other responsibilities of authorized federal, state, or local public health agencies;
- Collecting information about the health of children who have experienced lead poisoning and tracking their neurological development over time;
- Supporting the notification of people who may have been exposed to a communicable disease that the public health department is tracking;
- Enabling employers to meet health safety reporting requirements;
- Participating in state-sponsored cancer registries.