As the U.S. Department of Health and Human Services continues to refine “42 CFR Part 2,” privacy regulations around sharing substance use disorder patient records, the issue is becoming more urgent as health systems and state governments work on social determinants of health efforts.
Speaking at the Office of the National Coordinator for Health IT’s Third Interoperability Forum in Washington, D.C., this week, Morgan Honea, CEO of the Colorado Regional Health Information Organization (CORHIO), spoke about the challenge of getting state agencies on the same page in regard to privacy policy. “CFR 42 Part 2 flies in the face of what we are trying to do on the opioid epidemic,” he said.
Other community information exchange efforts will run into legal issues about consent and access, Honea added. “As we wander into social determinants, there is a vast array of privacy and governance issues across state agencies and federal programs. We are just starting to scratch the surface. I recommend dusting off your legal manuals and getting ready.” For instance, he said, the Colorado Department of Human Services operates under 137 privacy policies, including ones for adopted children. Different state agencies such as public health and Medicaid may even interpret HIPAA differently. “It is shocking how little communication happens around these issues until it boils up to the attorney general’s office,” he said
Honea credited the State of California as having done some important work in this area by creating guidance for state agencies. In 2017, the California Office of Health Information Integrity (CalOHII) with support from the California Health Care Foundation created guidance on how behavioral healthcare providers can safely share substance use disorder and mental health patient records.
The State Health Information Guidance (SHIG) is authoritative but non-binding guidance that explains when and where mental health and substance use disorder records can be exchanged between providers involved in coordinating patient care. It grew from research drawn from a broad group of stakeholders and reflects cross-industry insights and experience.
CalOHII said the SHIG lays the groundwork for an ongoing dialog on how to continue to improve the appropriate sharing of health information. The SHIG:
• Provides an authoritative but non-binding guidance from the State of California written in plain language for a general audience;
• Explains when, where, and why mental health and substance use disorder information can be exchanged;
• Provides clarification of state and federal laws; and
• Contains 22 scenarios derived from real user stories, which clarify how laws apply to actual situations that arise for care providers.
As the California Health Care Foundation’s Catherine Teare noted in a blog when the SHIG was introduced, state initiatives such as Medi-Cal’s Whole Person Care pilots, which aim to coordinate care across traditional silos for people with complex needs, will also be well-served by this guidance. The SHIG also should help health information exchanges grapple with the sharing of data controlled by multiple legal structures, she added.
CalOHII has said that possible future additions to SHIG include how to deal with sensitive data regarding HIV/AIDs, foster children, minors, electronic signatures, and developmental disabilities.
