| whistleblowers
(HIPAA)
HIPAA
regulations permit workforce
members of covered entities
-- or of business associates
-- to disclose protected
health information (PHI) in order to expose unlawful or
unprofessional conduct.
Such "whistleblower"
disclosures must be:
- based on a "good
faith belief" that such unlawful of unprofessional
conduct has occurred, and that disclosure of the PHI is
necessary to revealing it;
- made to a health
oversight agency, public
health authority or other entity authorized by law to
investigate such conduct (such as a law
enforcement agency), or to an attorney retained for
the purposes of determining legal options in the matter;
and
- no more than
reasonably necessary to establish the unlawful or unprofessional
conduct (given that the minimum
necessary standard can reasonably be inferred to cover
all actions associated with PHI).
Note that HIPAA
regulations also prohibit covered entities from intimidating
or retaliatory acts against persons who expose problems
or bring complaints.
See also:
|
