My State law authorizes health care providers to report suspected child abuse to the State Department of Health and Social Services. Does the HIPAA Privacy Rule preempt this State law?
No. The Privacy Rule permits covered health care providers and other covered entities to disclose reports of child abuse or neglect to public health authorities or other appropriate government authorities. See 45 C.F.R. 164.512(b)(1)(ii). Thus, there is no conflict between the State law and the Privacy Rule, and no preemption. Covered entities may report such information and be in compliance with both the State law and the Privacy Rule. Further, even in the unusual case where a State law that provides for the reporting of disease or injury, child abuse, birth, or death, or for public health surveillance, investigation, or intervention is contrary to a provision of the Privacy Rule that is, it is impossible for a covered entity to comply with both the Privacy Rule and the State law, or the State law is an obstacle to accomplishing the full purposes and objectives of HIPAAs Administrative Simplification provisions the Administrative Simplification Rules specifically provide an exception
Related Questions
- My State law authorizes health care providers to report suspected child abuse to the State Department of Health and Social Services. Does the HIPAA Privacy Rule preempt this State law?
- What persons are mandated by the state to report suspected child abuse or neglect and what are the penalties for failure to report?
- What happens when a report of child abuse or neglect is made to the Frederick County Department of Social Services?
