BIOMEDICAL ETHICS - University of South Florida
Download
Report
Transcript BIOMEDICAL ETHICS - University of South Florida
BIOMEDICAL
ETHICS
R.B. FRIEDLANDER
Deputy General Counsel
What is Biomedical Ethics?
Philosophical study of ethical controversies
brought about by advances in biology and
medicine
Relationship among
◦
◦
◦
◦
◦
◦
life sciences
biotechnology
medicine
politics
law – discussion today
philosophy
Biomedical Ethics
– A Few Legal Areas
Today’s topics
◦
◦
◦
◦
◦
Confidentiality
HIPAA
Compliance
Informed Consent
Whistleblowers
Takeaway Points
Use common sense
Go with your gut — do the right thing
Ask the experts
If you proceed, how would it appear on the
front page of the newspaper?
Could you defend the benefits vs. the risks in
a way a non-clinician / non-researcher could
understand?
Biomedical Ethical Issues
– Numerous and Complex
Don’t try to know all the applicable
rules/regulations/laws on the topics of
confidentiality, compliance, HIPAA, informed
consents, etc. – leave it to the lawyers. USF
also relies on expert outside counsel
With bioethical issues, not always a matter
of what one can or cannot do — it’s often a
matter of weighing the risks vs. benefits
Confidentiality in the
University World
HIPAA applies to covered entities (more later)
Florida state law on medical privacy is more
restrictive than HIPAA
◦ Which is allowable
Student records protected from disclosure under
FERPA — also applies to Residents
Generally, all written records of faculty or staff of
this University can be released to the public
◦ Exemption from disclosure examples:
Social Security Numbers
Medical information
Research protocols
Impaired practitioner information
Florida Laws on Medical Records
Medical records are confidential
Some records are “Super” confidential
◦
◦
◦
◦
◦
Mental health
Substance abuse
STDs
Genetic testing
HIV
Health Insurance Portability and
Accountability Act of 1996 - HIPAA
Goal
◦ To protect patient privacy, Protected Health
Information (PHI) and allow portability of health
insurance.
◦ Covers privacy, security (use of technology)
◦ Broad congressional attempt at healthcare reform
HIPAA
Purpose is to increase efficiency and
effectiveness of health care system through
◦ Electronic exchange of information
◦ Standardization of that information
◦ Enhanced security and privacy of Protected
Health Information (PHI)
HIPAA
Perceived need – 1 in 6 patients omit medical history
information from physician out of fear of misuse or
mishandling
Applies to covered entities, health plans, HMOs,
Medicare, providers, health clearinghouses.
USF is a “hybrid” covered entity. USF College of
Medicine, College of Nursing, Student Health Services,
Byrd Institute are covered because they are entities
providing medical treatment for which they
electronically bill.
Covered entities must:
◦ Maintain reasonable & appropriate safeguards
◦ Maintain physical safeguards
HIPAA Privacy Rule
Key Features
PHI
Uses and disclosures
Consents
Authorization
Notice of privacy practices
Minimum necessary information given
Patient rights
Business associates
Marketing, fundraising and research
Interaction with state privacy and confidentiality laws
Penalties
HIPAA Acronyms
PHI
Protected Health Information - Health and
demographic information about an individual
IIHI
Individually Identifiable Health Information,
e.g., name, address, dates, telephone number, SSN,
medical record #, fingerprints, photographic images,
etc.
Permitted Use of PHI / IIHI –“TPO”
Subject to a general consent from the
patient, HIPAA permits use or disclosure
within the covered entity or to a business
associate for
◦ Treatment
◦ Payment
◦ Health Care Operations, which can include
Qualify assessment and improvement
Peer review/credentialing
Medical review, legal services, auditing
Business planning and development
Administrative activities
HIPAA Requirements
Providers must obtain prior consent to
treatment, except
◦ In emergencies, or
◦ Where provider is obligated by law to provide
care
◦ Providers can condition treatment on granting of
consent to treatment
Authorization must be obtained for all uses and
disclosures other than TPO or those mandated
by law
Provider must give privacy notice to patients
HIPAA - Other Applicability
Business Associate
Person or entity who provides services on behalf
of covered entity or to a covered entity and is not
a member of your workforce
Research
If it involves health information about living
participants, deceased persons, is related to human
tissue samples, chart review and or stored in
databases or repositories
Individual Rights Under HIPAA
Receive written notice of privacy practices
Request restrictions on uses and disclosures
Access, inspect and copy their PHI
Request amendment or correction of the
PHI
Receive an accounting of disclosures of their
PHI (except those related to treatment,
payment and operations)
Enforcement of HIPAA
— as to state agencies
Enforcement
◦
◦
◦
◦
DHHS/OIG
CMS
DOJ
State Attorneys General
Penalties for the intent to sell or use PHI
◦ Civil and criminal penalties with fines up to
$250,000, and/or
◦ 10 years in prison
Amendments to HIPAA – HITECH
HITECH – Health Information Technology
for Economic and Clinical Health
◦ Part of the American Recovery and Reinvestment
Act (ARRA) of 2009 – eff. 2/17/09
◦ Expanded definition of privacy breaches
◦ Greater reporting/notification of suspected
breaches
◦ Responsibility to investigate breaches and
mitigate losses enhanced
◦ Improved enforcement
Compliance
Just do it
Someone else’s alleged non-compliance does
not grant permission to others to do the same
Hundreds of laws/regulations USF employees
have to comply with in medical/research areas
Different types of conflict of interest
considerations
◦ Sponsored research
◦ As a public officer/employee
◦ University employment/conflict of commitment,
institutional COI
Whistleblowers
Federal and State False Claims Act (FCA)
— see class handout
Federal FCA
◦
◦
◦
◦
◦
Old law
Very broadly defined
Whistleblower protections
Penalties steep – civil penalty for each claim
Multi-million dollar payouts, even for public
entities, e.g., UMDNJ – over $350M
Other “Whistleblower” Provisions
Other state laws on subject
General state law on whistleblowers
– not just in medical arena
◦ Usually applied in employment-related context
Important principle for USF
– if complaint is made, no retaliation allowed
Informed Consent
Consents & authorization requirements
◦
◦
◦
◦
Written in plain language
Inform patient of the procedure’s risks/benefits
How will it be used
Signed and dated
Divorced parents
◦ Either parent can consent to medical or surgical treatment
unless court order provides otherwise
◦ Physical custody does not determine authority to consent
◦ If divorced parents disagree, consent of either parent will
suffice
Non-parents can consent under certain
circumstances
Minor’s Rights
Minors can give consent in certain situations
◦
◦
◦
◦
Emancipated
Married minor
Pregnant minor
Minor mother
Minors can consent for treatment of
◦
◦
◦
◦
STDs
Maternal health/contraception
Substance abuse
Outpatient emotional crisis counseling
Valid Authorizations
Authorizations must be obtained for all uses
other than TPO or those mandated under
law and must include:
◦ Description of the information to be disclosed
◦ Name of person or entities to whom the
information will be disclosed
◦ An expiration date
◦ Information regarding right to revoke
◦ Date and signature
Consent Principles
Remember…
Have consents drafted and reviewed by
counsel with input from providers
Inform patient what is happening and what
might happen
Verify they understand scope of the consent
Discuss consent in person
Don’t rely exclusively on a consent to insure
no legal action will be brought
Conclusion
Do what’s right in medical/research context
◦ What did your mother tell you?
For healthcare providers, treat in emergency
Providers discuss mistakes when needed to
improve treatment/performance for future
patients
Let lawyers worry about legal consequences
◦ Do the right thing!