Kaitlin Morrison, LSRJ Summer Intern (’15, Columbia Law School)
The expansion of healthcare brought by the ACA is much-needed and certainly a net positive. Dependents may now remain on insurance until the age of 26. With this expansion however, the pre-existing gaps in privacy protections have been exacerbated. Consider the case of a young adult who goes to the doctor for a routine STD screening (the responsible thing, right?), only to have this private information relayed to the primary policy holder – usually the parents! The right to healthcare should not be conditional upon a relinquishment of doctor-patient confidentiality.
The basic conflict is between two important policies: maintaining appropriate communications between insurer and policy holder to ensure billing and payment transparency versus protecting patient confidentiality for insured dependents accessing “sensitive services:” sexual and reproductive health care, mental health services and drug and alcohol abuse treatment.
Many negative consequences are likely to result from this administrative quagmire. Minors and adults on another’s insurance may simply choose not to seek medical care for STD testing and treatment, contraception, and drug and mental health services, for fear of this information being shared. Alternately, dependents on private insurance may seek public clinics for STD testing and similar services to avoid the possibility of parental notification, shifting the cost to the state. Victims of domestic violence will face a difficult decision: seek treatment and risk the possibility of their location being known by their abuser (if they share a policy), or not seek medical care.
The patchwork of laws and regulations protecting privacy are incoherent in a model in which young adults remain on their parents’ insurance. By law, adult patients in California have a right to keep all health information confidential and decide whether and when to share that information with their partners and parents, regardless of whose insurance plan they are covered under. Adolescent patients in California have a right to keep certain health information confidential and decide whether and when to share that information with parents, including information about “sensitive services.” However, the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA) made an exception to the general confidentiality rules above, allowing providers and insurers to use and disclose information for payment and health care operations purposes. “Reasonable efforts” are required to limit disclosure to the “minimum necessary” to accomplish the intended purpose of the disclosure. This unclear standard is insufficient to protect privacy.
A solution to this problem has arisen in the form of SB 138, authored by state Senator Ed Hernandez, which aims to bring clarity to the myriad state and federal statutes and regulations related to the sharing of patient information in order to protect patient confidentiality for insured dependents. At the heart of the bill are two provisions: If the patient is a dependent on another’s policy, and is less than 26 years old, all such communications would be barred unless the patient authorizes them. If the patient is not a dependent and under 26, there is no automatic barring of sensitive communications, but if that patient submits a nondisclosure request, the insurer will have to honor it.
The most recently amended form of the bill will go to the appropriations committee after recess. Consider contacting your state Senator to show your support.