HIPAA Privacy – Personal Representatives and Minors

Personal Representatives. The Privacy Rule requires a covered entity to treat a “personal representative” the same as the individual, with respect to uses and disclosures of the individual’s protected health information, as well as the individual’s rights under the Rule.84 A personal representative is a person legally authorized to make health care decisions on an individual’s behalf or to act for a deceased individual or the estate. The Privacy Rule permits an exception when a covered entity has a reasonable belief that the personal representative may be abusing or neglecting the individual, or that treating the person as the personal representative could otherwise endanger the individual.

Special case: Minors. In most cases, parents are the personal representatives for their minor children. Therefore, in most cases, parents can exercise individual rights, such as access to the medical record, on behalf of their minor children. In certain
exceptional cases, the parent is not considered the personal representative. In these situations, the Privacy Rule defers to State and other law to determine the rights of parents to access and control the protected health information of their minor children.
If State and other law is silent concerning parental access to the minor’s protected health information, a covered entity has discretion to provide or deny a parent access to the minor’s health information, provided the decision is made by a licensed health care professional in the exercise of professional judgment.

Sorry, comments are closed for this post.