Legislation would ensure communications about sensitive health care services are automatically confidential
Sacramento, CA—Legislation authored by Assemblymember David Chiu (D-San Francisco) to expand and protect patient confidentiality in California passed the Assembly Privacy and Consumer Protection Committee today. Assembly Bill 1184 would require health insurance companies to establish protocols that automatically protect the privacy of patients who access sensitive health care services.
“Patients should not forgo the health care they need because they are worried about their privacy being violated,” said Assemblymember Chiu. “By protecting privacy, this bill is a simple step that will go a long way towards keeping California patients safe and healthy.”
The Affordable Care Act allowed young adults to stay on their parents’ health insurance plans until age 26. Also, many people are on their spouse’s health insurance plan. As a result, oftentimes people who are insured are not the primary policy holder -- and thus not the primary contact for communications with the insurance company.
The primary policy holder typically receives explanations of benefits statements and other communications from insurance companies about the care provided to all beneficiaries on the plan.
There may be times when it is inappropriate or dangerous for the primary policy holder to receive information about health care services beneficiaries receive. This can be problematic for “sensitive health services” related to reproductive health, sexually transmitted infections, substance use care, mental health care, transgender health care, or intimate partner violence.
For example, it may be dangerous in some circumstances for a transgender young adult to reveal they are transgender to their parents. Similarly, a person may not be safe if their partner finds out they received care related to intimate partner violence.
Under the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), patients can ask insurers to send sensitive information to someone other than the primary policy holder. California law provides patients an added layer of protection by requiring insurance companies to reasonably accommodate confidential communication requests (CCR) for sensitive services provided.
However, there is no standard process for requesting confidentiality, and enforcement has been sporadic. Patients can file a complaint with the California Department of Managed Health Care if an insurance company fails to accommodate a CCR, but by that time, the breach of privacy has already occurred.
AB 1184 would ensure patient information is protected by establishing automatic confidentiality when accessing sensitive services, putting the responsibility on the insurer rather than the patient. The bill would also expand the current definition of sensitive services to include transgender health care and behavioral health care.
AB 1184 is sponsored by Planned Parenthood Affiliates of California. The bill will now move on for a hearing in the Assembly Appropriations Committee.