Does HIPAA Provide Special Protections for HIV Diagnosis/Treatment?

Share on facebook
Share on twitter
Share on pinterest

It’s easy to assume that the more sensitive information is, the more it should be protected. We know that the Health Insurance Portability and Accountability Act (known as HIPAA) protects health information. But does HIPAA provide special protections for highly sensitive health data, such as an HIV diagnosis or treatment?

In short, no. The federal HIPAA law governs all protected health information (PHI) but doesn’t afford special protections for PHI related to an HIV diagnosis or treatment. This data should be treated with the same privacy and security safeguards as any other health data. You need written consent to disclose this information, just like you do for any other type of PHI, unless the disclosure is for TPO or required by law.

Your practice must report an HIV diagnosis to your state health department for public health purposes. In many states, you can also disclose HIV services that a minor receives to their parents, if you believe it’s in the child’s best interests. However, you must not disclose this status to a patient’s employer.

At your practice, you may choose to provide extra protection, such as keeping HIV-related information in a separate area of the electronic health record. Additionally, state law may have requirements in addition to the HIPAA Privacy Rule. For example, some states or cities require you the health care provider or the patient to notify their partners of their HIV status or go through a partner notification program, such as in Texas. If your state has additional protections, you must comply with them.

In summary, HIPAA doesn’t provide special protections for HIV diagnosis or status. Nevertheless, you must still follow your current privacy policies and procedures to protect all patient data.

Please share to your communities

Request A HIPAAtrek Demo

Compliance is complicated. Your compliance software doesn’t have to be. Schedule your demo today!
Learn about Hipaa

Join the HIPAA Huddle

The HIPAA Huddle is a monthly meeting for compliance officers and others with HIPAA oversight responsibility to meet LIVE in a collaborative  environment to work through a single issue or discuss best practices.