Got flagged for a Sleep Study today, told him to stick it where the sun don't shine.

Additionally, the Federal Government sees it differently: I've gathered my evidence and posted it here for everyone to examine: I've also placed in BOLD and RED the sections that applies to this scenario for your reference:

Taken from http://www.hhs.gov/hipaa/for-individuals/faq/187/what-does-the-hipaa-privacy-rule-do/index.html


What does the HIPAA Privacy Rule do?
Answer:
Most health plans and health care providers that are covered by the new Rule must comply with the new requirements by April 14, 2003.
The HIPAA Privacy Rule for the first time creates national standards to protect individuals’ medical records and other personal health information.

• It gives patients more control over their health information.
• It sets boundaries on the use and release of health records.
• It establishes appropriate safeguards that health care providers and others must achieve to protect the privacy of health information.
• It holds violators accountable, with civil and criminal penalties that can be imposed if they violate patients’ privacy rights.
• And it strikes a balance when public responsibility supports disclosure of some forms of data – for example, to protect public health.

For patients – it means being able to make informed choices when seeking care and reimbursement for care based on how personal health information may be used.

• It enables patients to find out how their information may be used, and about certain disclosures of their information that have been made.
• It generally limits release of information to the minimum reasonably needed for the purpose of the disclosure.
• It generally gives patients the right to examine and obtain a copy of their own health records and request corrections.
• It empowers individuals to control certain uses and disclosures of their health information.

If you would like to wind up in jail for HIPPA violations:
Taken from: http://www.ama-assn.org/ama/pub/phy...bility-act/hipaa-violations-enforcement.page?
Criminal Penalties-
In June 2005, the U.S. Department of Justice (DOJ) clarified who can be held criminally liable under HIPAA. Covered entities and specified individuals, as explained below, whom "knowingly" obtain or disclose individually identifiable health information in violation of the Administrative Simplification Regulations face a fine of up to $50,000, as well as imprisonment up to one year.
The DOJ concluded that the criminal penalties for a violation of HIPAA are directly applicable to covered entities—including health plans, health care clearinghouses, health care providers who transmit claims in electronic form, and Medicare prescription drug card sponsors. Individuals such as directors, employees, or officers of the covered entity, where the covered entity is not an individual, may also be directly criminally liable under HIPAA in accordance with principles of "corporate criminal liability." Where an individual of a covered entity is not directly liable under HIPAA, they can still be charged with conspiracy or aiding and abetting.

If you would like to wind up being civilly liable for HIPPA violations:

Failure to comply with HIPAA can result in civil and criminal penalties (42 USC § 1320d-5).
Civil Penalties
The “American Recovery and Reinvestment Act of 2009”(ARRA) that was signed into law on February 17, 2009, established a tiered civil penalty structure for HIPAA violations (see below). The Secretary of the Department of Health and Human Services (HHS) still has discretion in determining the amount of the penalty based on the nature and extent of the violation and the nature and extent of the harm resulting from the violation. The Secretary is still prohibited from imposing civil penalties (except in cases of willful neglect) if the violation is corrected within 30 days (this time period may be extended).

I would argue that transmitting medical information about a person "for business purposes" or "Anyone who works with DOT regulations" to see, use, or transmit medical information. Once the US Department of Justice ( US Attorney's Office) had those persons in jail, I would file a civil lawsuit claiming damages and cite the criminal case as reference in support of my evidence. Once the court ruled this matter would set precedence for others; so you can see Ridgeline, you might actually HELP people win their cases, I knew you might now see things differently.

But in the mean time------


Please explain how my knowledge is flawed?--- because by stating that you also state the Federal Government's knowledge is flawed as it relates to protecting patient medical information, and they are the ones who created the laws!

AGAIN----knowledge is power---the correct knowledge, not something someone made up!

Care to dance again?...I'm always up for a good challenge

 

Believe what you want, but the problem is I'm right.

Here is why.

I specialized in HIPAA for a bunch of years, went through a lot of training and did a lot of work for clients in the medical industry on different aspects of medical privacy. I also had legal training in medical privacy which also had to do with HIPAA.

I may have forgot a lot of things because I only consult at my former company from time to time and only take any updated training when needed but one thing I didn't forget is the exceptions to the regulations when it comes to this.

If you want to know, read the regulations because it is there - US DOT and those subjected to their regulations are exempt from HIPAA because of the nature of the work and the way we have our physical records kept but more importantly how the process works. This includes rail, air and other US DOT regulated activities (and they are not the only one there are other agencies that have exemptions).

The reason for the exemption is because the companies (carriers) are supposed to keep a record of the physical by the regulations of the DOT which means that little or no training exists in how to handle those records or what a breech is if one occurs. Even today, there is no regulation about electronic data and no real standards that ensure protection of your files when they are in the hands of non-medical persons or companies.

On top of that, HIPAA only covers medical/insurance personal, it does not cover anyone else and never was intended to. SO if your company wants to release your info to another employer, they can legally if you think it is covered under HIPAA.

In the case of an examiner, they are required to pass that info onto the carrier through the long form if the carrier is required to have proof and the state licensing agency, neither are covered.

AND by the way, if you read the regulations, you can also get where the limitations are for protection. it is not really about privacy, it was about accountability that they gutted to make the law passable in congress. The first and second rendition of the bill was better for us, the third and fourth coming out of the recommendation committee had a lot of things removed, like the standardization of medical records and the way insurance claims were processed - it still isn't set.

What it was passed for is to meddle into medical privacy, many states had some privacy rules but the feds thought it was a great idea to create a law that was supposed to allow insurance companies to share info, by allowing records to be standardized and then put in protections that ensured that medical info wasn't used for other purposes. Much of it is unenforceable.

Oh and by the way, I get a kick out of these people at these medial providers handing me a piece of paper expecting me to sign it. When I asked them specific questions about what it on the paper and why should I sign it, they can't answer them at all. Next time ask for a thorough explanation because I know you won't get it. Most can't even tell you what the letters in HIPAA means.

 

This isn't about being right or wrong, it's about facts. I've provided documented evidence and cited Federal Statues as my supporting evidence. Again, can you please direct me to the Federal "exception" you claim exists?

Your arguments are not supported by any evidence and you claim facts that are contradictory to Federal Statutes, namely 42 USC § 1320d-5...General penalty for failure to comply with requirements and standards.

yet YOU claim these standards do not exist when I can prove they not only exist, they are well documented in Federal Law. You also claim HIPPA rules don't apply by your statements:

"On top of that, HIPAA only covers medical/insurance personal, it does not cover anyone else and never was intended to. SO if your company wants to release your info to another employer, they can legally if you think it is covered under HIPAA.".....

You also wrote:
"The reason for the exemption is because the companies (carriers) are supposed to keep a record of the physical by the regulations of the DOT which means that little or no training exists in how to handle those records or what a breech is if one occurs."

So I guess law schools exist for no reason and that people who become Attorneys have "no training" on handling a breach of Duty?

Again, please cite this exception you speak so highly sir, PLEASE!

So again, unless you can document using Federal Laws that apply to the United States, you may want to re-think your strategy here. Also I don't like to engage in a battle of wits with Un-Armed opponents who cannot spell correctly. (see red spelling errors that are part of your responses)

Care to dance again....I'm always up for a good challenge!...but wait, this isn't really a challenge since we are not equals.

Judgement for the Plaintiff...(gavel falls)

You may exit.

And Happy Easter!---you too Ridgeline.

 

Robert I don't have a dog in this fight, and didn't really care to look into the regulations or your link, I figured somebody smart would come along and clear this up lol. I was siding with Ridgeline, and I would think your DOT employer would have an exemption to these rules. But after you last post I looked at the link and it does say this:

Who Is Not Required to Follow These Laws
Many organizations that have health information about you do not have to follow these laws.

Examples of organizations that do not have to follow the Privacy and Security Rules include:

• Life insurers
• Employers
• Workers compensation carriers
• Most schools and school districts
• Many state agencies like child protective service agencies
• Most law enforcement agencies
• Many municipal offices

I think you sign papers in the doctors office that allows them to share your health info, yes?

 

Requests from your employer
Your employer can ask you for a doctor’s note or other health information if they need the information for sick leave, workers’ compensation, wellness programs, or health insurance.

However, if your employer asks your health care provider directly for information about you, your provider cannot give your employer the information without your authorization unless other laws require them to do so.

Generally, the Privacy Rule applies to the disclosures made by your health care provider, not the questions your employer may ask.

See 45 C.F.R. §§ 160.103 and 164.512(b)(1)(v), and OCR's Frequently Asked Questions.

For employer issues, contact:

• Department of Labor: (866) 4-USA-DOL
• Equal Employment Opportunity Commission: (800) 669-4000

 

This is from the DOT, I've got to dig out my other stuff to show you where it is in the actual law. If I get to it today I will post it.

Here is a copy ===> https://cms.dot.gov/sites/dot.gov/files/docs/HIPAA_Stmnt_0706.pdf


General Issue Update 07/06
QUESTION:
Are employers and their service agents in the Department of Transportation (DOT) drug
and alcohol testing program required to obtain employee written authorizations in order
to disclose drug and alcohol testing information?

I'm stopping right here because the crux of all of this hinges on the right of the patient to authorize the use of the data gathered from a provider. This is the question asked about HIPAA.

ANSWER:
• In the DOT drug and alcohol testing program, employers and service agents are not required to obtain written employee authorization to disclose drug and alcohol testing information where disclosing the
information is required by 49 CFR Part 40 and other DOT Agency & U.S. Coast Guard (USCG) drug and alcohol testing regulations. 49 CFR Part 40 and DOT Agency & USCG regulations provide for
confidentiality of individual test-related information in a variety of other circumstances.

• Even if drug and alcohol testing information is viewed as protected under the Health Insurance Portability and Account ability Act of 1996 (HIPAA) rules, it is not necessary to obtain employee written authorization where DOT requires the use or disclosure of otherwise protected health information under 49 CFR Part 40 or the other DOT Agency & USCG drug and alcohol testing regulations.

• Unless otherwise stipulated by 49 CFR Part 40 or DOT Agency & USCG regulations, use or disclosure of the DOT drug and alcohol testing information without a consent or authorization from the employee is required by the Omnibus Transportation Employees Testing Act of 1991, 49 CFR Part 40, and DOT
Agency & USCG drug and alcohol testing regulations.

• Consequently, an employer or service agent in the DOT program may disclose the information without the written authorization from the employee under many circumstances. For example:

-- Employers need no written authorizations from employees to conduct DOT tests.

-- Collectors need no written authorizations from employees to perform DOT urine collections, to distribute Federal Drug Testing Custody and Control Forms, or to send specimens to laboratories.

-- Screening Test Technicians and Breath Alcohol Technicians need no written authorizations from employees to perform DOT saliva or breath alcohol tests (as appropriate), or to report alcohol test results to employers.

-- Laboratories need no written authorizations from employees to perform DOT drug and validity testing, or to report test results to Medical Review Officers (MROs).

-- MROs need no written authorizations from employees to verify drug test results, to discuss alternative medical explanations with prescribing physicians and issuing pharmacists, to report results to employers, to confer with Substance Abuse Professionals (SAPs) and evaluating physicians, or to report other
medical information (see §40.327).

-- SAPs need no written authorizations from employees to conduct SAP evaluations, to confer with employers, to confer with MROs, to confer with appropriate education and treatment providers, or to provide SAP reports to employers.

-- Consortia/Third Party Administrators need no written authorizations from employees to bill employers for service agent functions that they perform for employers or contract on behalf of employers.

-- Evaluating physicians need no written authorizations from employees to report evaluation information and results to MROs or to employers, as appropriate.

-- Employers and service agents need no written authorizations from employees to release information to
requesting Federal, state, or local safety agencies with regulatory authority over them or employees.

This applies across the board, not just about drug testing, which is more of an issue than the physical part.

There is a really good explanation written by a lawyer who deals with transportation issues somewhere on the web, I will also look for it, it pretty much says the same thing.

What I am rambling about in all of this is not letting false information or assumptions from screwing up someone. Try using HIPAA to fight an examiner will make your argument worthless at the same time put a person in a possible problem with their employer or carrier.

I have seen some pretty poor behavior by medical and company people about personal information. Just looking at the cases of medical records left to be put in dumpsters when offices get evicted should tell you that HIPAA is a hollow threat to people, I have only seen one prosecution of one doctor's office manager for her neglect and that only came about when the info was used for something really bad - not id theft.

 

Some really good information in this thread. . . I really appreciate the time you guys take to put facts out there for the rest of us. When i need another Attorney several of you could make my list. We have some really smart truckers out here, but pointing out spelling errors seems very petty when you guys are laying down some serious helpful information that benefits us all.

 

Doesn't matter what the 1st doc "reports" as you have the absolute right to seek a second opinion. Having a CDL doesn't change that fact.

 

Exactly Marine Ethos. Exactly. If you listen to the gossip and take action based on what you heard in the truckstop, online trucking forums, you too can loose everything, just as one of those lease purchase drivers!

Besides, it's Easter...I'm headed out to enjoy a nice steak dinner. Happy Easter. I'll be back in the truck Wednesday (it pays to not have a truck or trailer payment)