Beyond HIPAA: Patient Medical Records and Client Confidentiality in Mental Health
Mark R. Brengelman focuses on representing health care practitioners before licensure boards and in other professional regulatory matters. He also represents children as Guardian ad Litem and parents as Court Appointed Counsel in confidential child dependency, neglect, and abuse proceedings in family court.
Mark became interested in law when he graduated with both Bachelor’s and Master’s degrees in Philosophy from Emory University in Atlanta. He then earned a Juris Doctorate from the University Of Kentucky College Of Law. Mark became an Assistant Attorney General for Kentucky in the area of administrative and professional law as the assigned counsel and prosecuting attorney to numerous health professions licensure boards.
Retiring from the state government in 2012, Mark became certified as a hearing officer and opened his own law practice. Mark registered as a legislative agent (lobbyist) for the Kentucky Association of Pastoral Counselors for the passage of Senate Bill 61 by the 2014 General Assembly. He is the immediate past Chair of the Health Law Section of the Kentucky Bar Association.
As a frequent participant in continuing education, Mark has been a presenter for thirty national and state organizations and private companies. These include the Kentucky Bar Association, Kentucky Office of the Attorney General, the National Attorneys General Training and Research Institute, the Federation of Associations of Regulatory Boards.
Mark was also the founding presenter in 2013-14 for “Navigating Ethics and Law for Mental Health Professionals,” a continuing education training approved by five Kentucky mental health licensure boards. He also founded in 2017 “The Kentucky Code of Ethical Conduct: Ethical Practice; Risk Management, and; the Code of Ethical Conduct” as an approved, state-mandated continuing education for social workers.
Learn to identify and apply differing and conflicting rules with respect to the specific health care practitioner, the specific health care facility practice, and the emerging rules and regulations for electronic medical records confidentiality, security, and disposition. In addition to these clinical requirements of a specific profession, additional state laws set forth the content and retention of other types of records, other than clinical records of a patient that is also kept by the professional, such as supervisory agreements with other professionals subordinate to them as well as their own unique record content requirements.
One area covered specifically about electronic record recognizes that while psychotherapy and mental health services are ideal treatments to offer over the internet, that is, by simultaneous audio-visual transmission between the doctor and the patient, the risks of breaches of confidentiality also vastly increase. And when the successful doctor-patient relationship is over, how does the health care practitioner providing a mental health service dispose of these electronic records?
In addition to state law requirements for the specific retention and disposition of clinical medical records, how long should the health care practitioner retain records for the possible, future defense of a malpractice claim for negligent treatment? Or to retain such medical records when the patient is a minor? Or to defend a possible complaint and disciplinary action by a state regulatory agency that could revoke the professional license of the practitioner?
Finally, while HIPAA provides for broad protections of privacy, state laws govern the confidentiality of the information provided in the context of a doctor-patient relationship. Tour the applicable evidentiary rules that cover confidentiality under state law. Know the most common exceptions to confidentiality where a law may allow a practitioner to breach confidentiality or may mandate the specific breach of confidentiality.
- Sources of legal and contractual requirements for medical records retention
- What information is mandated to be in a specific health care practitioner’s medical record
- Electronic records confidentiality, retention, and disposition
- State laws creating evidentiary privileges covering the doctor-patient relationship under applicable rules of evidence
- Exceptions to confidentiality that may merely allow a breach of confidentiality or my indeed mandate a breach
Course Level - Advanced
Who Should Attend
Health care law attorneys; licensed health care practitioners in private practice; medical directors of health facilities; office managers and medical directors of private medical offices; health care managers and executives; corporate counsel in health care; health care administrators; university faculty in health care; allied health professionals in graduate-level medical education across the many health care professions; corporate compliance officers; Individual health care practitioners; health care attorneys; government investigators; state and federal health care agencies; teachers and educators in graduate-level medical and legal education across the many health care professions; corporate counsel in health care; Attorneys at Law; Hospital Administrators; Health Care Facility Managers; Government employees; Physician and Medical Office Managers
Why Should You Attend
This webinar covers confidentiality beyond the privacy and other protections required by HIPAA. An in-depth overview of medical records keeping starts this webinar examining the state law sources and even contractual requirements of medical record keeping. The webinar proceeds to review exceptions to confidentiality that are most frequently encountered by mental health professionals who practice in a high-risk setting where the consequences of a misstep can be very high.
For many years now, HIPAA has provided a federal right to privacy for patient medical records, including mental health records. However, fearing issues not with federal mandates but with state laws, the mental health care practitioner must know and comply with individual state laws and ethics governing the confidentiality of client information in the context of a doctor-patient relationship. This is apart and beyond the technical components of HIPAA.
HIPAA has standardized office medical record-keeping, releases, and professional communications with third parties. But how is client confidentiality addressed beyond mere record-keeping? Competing interests and privacy mandates create tension with these differing mandates.
Mere compliance with HIPAA allows risk the practitioner is HIPAA-compliant but liable to other confidentiality issues. Not only do state laws and codes of ethics mandate confidentiality, but there are many state law exceptions recognized by HIPAA. The exceptions sometimes allow and sometimes mandate what would otherwise be a confidentiality breach.
The sanctity of the doctor-patient relationship then moves to an uncertain territory where client confidentiality meets a duty to act, such as, a duty to warn of impending harm or a duty to report suspected child abuse or neglect. Such duties to act do not require the permission of the client, or even the notification to the client, that information about them is being disclosed and reported. This uncertainty exists at a time when the practitioner is most vulnerable - when the practitioner must decide whether and how to act.
Doubtful conduct by practitioners will be examined to their detriment by patients suing for malpractice and licensure boards investigating breaches of confidentiality. This seminar will first review the standardized HIPAA requirements for patient medical records. From that perspective, the seminar will answer the issues presented by expanding to review state laws on patient confidentiality, evidentiary privileges, and exceptions mandated by law. Erase the uncertainty of situations where multiple sources of client confidentiality conflict that governs the secrets held in confidence by mental health practitioners – beyond HIPAA.