Privacy Policies: Legal Considerations, continued
When it comes to privacy, one of the first things we think of are the laws that protect the privacy of individuals when seeking treatment or health care.
There are two laws that an organization needs to be aware of when considering the privacy of residents as well as the storage and handling of records. These are 42 CFR Part 2 and HIPAA. These laws may or may not apply, depending on how an organization is structured and the specific services the larger organization provides.
- 42 CFR Part 2 is a law designed to protect the privacy of individuals seeking treatment for substance use disorders. This law applies to any “federally assisted” program that provides substance use or alcohol use disorder treatment, diagnosis or referrals.
- HIPAA is the Health Insurance Portability and Accountability Act (HIPAA), which gives people rights over their health information and sets rules and limits on who can look at and receive their health information
Recovery homes are not treatment providers or health care providers, and they do not provide treatment services at the recovery home. However, they may come into contact with information from a treatment program or receive federal assistance for their program. An organization may also be a part of a larger multi-service organization that has access to specific types of information.
Even if these laws do not apply to a recovery housing organization, it is important to at least be aware of them, because an organization will likely be sharing information with other organizations, such as doctors and treatment centers, where these laws do apply. Understanding how these laws impact service partners will make your organization a more effective partner and ensure you are keeping resident information safe.
–
(Learn more from SAMHSA: Substance Use Confidentiality Regulations Frequently Asked Questions)
(Learn more from the U.S. Department of Health and Human Services: Who must comply with HIPAA privacy standards?)