Taxing Matters
Overtaxed Member
Nothing in HIPAA restricts the hospital from treating anyone. The HIPAA privacy rule only restricts the people to whom the hospital may disclose protected health information (PHI). So the hospital certainly could have treated her, and they also could have had you sign to take on the obligation to pay for the care, too, without violating HIPAA. As a result, I don't see any reason why she needed to argue about HIPAA at the time of admitting your child. The time to argue about HIPAA is when you'd need to get PHI from the hospital regarding your daughter.Can you point me to the part of HIPAA that covers this?
That said, the real issue at the time of admitting your kid is whether the hospital has the necessary consent to provide treatment. It isn't HIPAA that addresses consent for treatment, though the admitting nurse (or whatever position she was) may have thought that involved HIPAA. But while HIPAA isn't the law that addresses this, it is still the case that the hospital needs to get the consent of the patient if the patient is both legally and medically competent to grant consent, or get the consent of the patient's legal parent or guardian. Exactly what is needed depends on the applicable state law. In Colorado, when the parents are divorced which parent(s) may grant consent for treatment depends on the terms of the current custody/visitation order. Some orders grant the custodial parent the sole decision making power for medical treatment, at least absent a true emergency. Because of this medical personnel are often reluctant to assume an noncustodial parent has the power to consent to treatment for a minor and want to be sure of it before they proceed to provide treatment. So if the hospital admissions person was unsure of your ability to provide consent to treatment I can understand her caution. Providing treatment without proper consent (other than true emergencies when it is not possible to get consent before treatment needs to be provided) can cause the hospital all kinds of problems.
Note that in some instances the minor herself may give the consent to treatment. Colorado has a very detailed booklet on minor consent that you may find helpful.
Now back to HIPAA. As the child's parent, in general you are entitled to her PHI while she is still a minor so long as you qualify under the HIPAA regulations as being the child's personal representative. In particular, the applicable rule states the general rule as follows:
If under applicable law a parent, guardian, or other person acting in loco parentis has authority to act on behalf of an individual who is an unemancipated minor in making decisions related to health care, a covered entity must treat such person as a personal representative under this subchapter, with respect to protected health information relevant to such personal representation, except that...
45 C.F.R. § 164.502(g)(3)(i)(bolding added). As you can see from what I bolded, generally your right to PHI is tied to your authority to make health decisions for your child. So again, the current custody and visitation orders would be important. The rule does provide an exception for parent or guardian acting in loco parentis (which would include a noncustodial parent who is not the personal representative of the child but presently has physical control of the child during his/her visitation time) that would allow that parent to get the child's PHI if state law expressly allows for that. If state law expressly does not allow for it, then the disclosure must be denied. If state law is silent on it, then it falls to the discretion of the licensed medical professional. See 45 CFR § 164.502(g)(3)(ii).So the bottom line on HIPAA here is that the provider has to be careful to ascertain whether the parent asking for the child's PHI either qualifies as the child's personal representative or is expressly qualified under state law to get it under the in loco parentis exception.
The full HHS HIPAA regulations spell it all out in great detail.
The rules are complex enough that many medical professionals do get confused as exactly when disclosure is authorized. If they are uncertain, it's easier in the moment to say no rather than risk the chance of making an unauthorized disclosure.