Associate Level Material

Appendix C

JSBMHA and HIPAA Case Study

Jim and Betty are both MSWs-social workers with master's degrees in Social Services. They work at the Jefferson St. Clair-Blount Mental Health Authority (JSBMHA), a certified agency for the provision of services to families and individuals who have mental, psychological, or addiction issues. Both Jim and Betty provide direct services to clients on a referral basis and each carries a significant caseload, made greater by the recent resignation of another MSW. Jim is a seasoned social worker who has more than 20 years experience in direct social services and social service administration. Betty is a relatively new social worker; this is her first job out of college.

One day after work, Jim and Betty meet for coffee in the cafeteria where Betty reveals that she has had a very difficult day. She discusses in detail a challenging case about a family with an alcoholic mother and a codependent father. The case involves three children under the age of 10 and Betty discusses each by name, their personalities, and physical appearances. She is very concerned about the children's well-being in the home environment. Betty gives concrete examples of her concern for each child. Jim offers Betty support and advice on how to handle the case, and refers to a previous case they worked on together. The names and details of that earlier case are also discussed.

The next day, both Jim and Betty are summoned to the JSBMHA director's office where they are confronted about their conversation in the cafeteria. Apparently, the grandmother of the three children Betty is working with overheard the discussion in the cafeteria. After hearing the conversation, she approached the organization's director with concerns about the confidentiality and privacy of her family and the other family discussed.

Questions

1. How does HIPAA serve to protect patient rights?

HIPAA (Health Insurance Portability and Accountability Act) protects patient rights by first requiring that health insurance be made portable and accountable. Members must be allowed to retain their health insurance if they agree to pay the difference in premiums once they have left a group insurance plan (this is called going on COBRA, after the Congressional Omnibus Budget Reconciliation Act). Also, HIPAA protects the release of private health information, or PHI, by requiring validation of callers before that information can be released. Failure to comply with HIPAA can result in penalties levied by the federal government to the offending party, whether it is a healthcare provider, such as a doctor or hospital, or an insurance company.

2. What areas of the JSBMHA did HIPAA compliance