There’s a myth out there. A myth many doulas believe. A myth perpetuated bu those who do not understand the law. The myth is that doulas need to be careful of client privacy to comply with HIPAA.
First, trust no one who spells it “HIPPA” – it’s the “Health Insurance Portability and Accountability Act” – the word “privacy” isn’t even in the title. It deals largely with electronic communications and medical records. Privacy laws are only one part of HIPAA.
And doulas are not subject to HIPAA. According to the official HIPAA web site, covered entities are:
- Health Plans (insurance companies, Medicaid, HMOs)
- Health Care Clearinghouses (Companies that amass large amounts of data for research or education)
- Health Care Providers like doctors and midwives…but “only if they transmit any information in an electronic form in connection with a transaction for which HHS has adopted a standard.”
Doulas do not fit into any of those categories, which means they do not have to comply with HIPAA. Yet I still hear “As a doula, I consider myself under HIPAA whether I legally am or not!”
So that means you…..
- Have that written policy posted on the wall at the place where you are providing services?
- Have approved locks and secure shredding facilities for your paperwork?
- Have written procedures in place for handling complaints?
Because these are ALL requirements of HIPAA, and if you consider yourself “under HIPAA”, then you’d better start doing them!
So please, let’s stop citing HIPAA as the reason for client confidentiality. Let’s just do it because it is the right thing to do!