For many kinds
of use and disclosure, Florida statutes and regulations related
to health information afford equal or greater protections
than HIPAA, and so remain in force under the latter's preemption
exception for "more stringent" state protections.
So do many if not
most Florida provisions related to information use for public
health and health system oversight, which are also generally
excepted by HIPAA. (It is not because such exceptions promote
privacy, but rather that these activities are seen as core
state functions that trump privacy concerns.)
Compared to the
federal HIPAA regulations, this state's provisions related
to health privacy present both formidable size and complexity
-- hundreds of entries are spread across more than 1,000 "chapters"
of the Florida statutes and administrative code.
This large and
diffuse set of provisions, constructed incrementally over
a long time period, does not always yield consistent answers.
For example, the statutory privacy provisions that apply to
hospitals and ambulatory surgical facilities (clustered in
Florida statute chapter 395) sometimes are identical to those
for other types of health facilities and health care practitioners
(grouped in chapter 456). But sometimes there is a wide divergence
-- that eludes any logical explanation.
The legal approaches
for reconciling such incongruities are beyond the scope of
this glossary. We offer here only a summary description of
the differences. Readers with questions about the details
should consult the official text directly -- all of which
is available online via links provided at the end of this
entry) -- and/or get advice from legal counsel.
should be paid to the statements about privacy in the Patient's
Bill of Rights and Responsibilities. It provides the best
overarching summary of the state's "intentions"
as to the balance between privacy and other health system