Welcome to DU!
The truly grassroots left-of-center political community where regular people, not algorithms, drive the discussions and set the standards.
Join the community:
Create a free account
Support DU (and get rid of ads!):
Become a Star Member
Latest Breaking News
Editorials & Other Articles
General Discussion
The DU Lounge
All Forums
Issue Forums
Culture Forums
Alliance Forums
Region Forums
Support Forums
Help & Search
General Discussion
In reply to the discussion: This may explain why they are hiding Mitch McConnell's condition [View all]progressoid
(53,599 posts)68. HIPAA Privacy Rule protections continue for 50 years after a person's death
https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/health-information-of-deceased-individuals/index.html
Background
The HIPAA Privacy Rule protects the individually identifiable health information about a decedent for 50 years following the date of death of the individual. This period of protection for decedent health information balances the privacy interests of surviving relatives and other individuals with a relationship to the decedent, with the need for archivists, biographers, historians, and others to access old or ancient records on deceased individuals for historical purposes. During the 50-year period of protection, the personal representative of the decedent (i.e., the person under applicable law with authority to act on behalf of the decedent or the decedents estate) has the ability to exercise the rights under the Privacy Rule with regard to the decedents health information, such as authorizing certain uses and disclosures of, and gaining access to, the information. With respect to family members or other persons involved in the individuals health care or payment for care prior to the individuals death, but who are not personal representatives, the Privacy Rule permits a covered entity to disclose the relevant protected health information of the decedent to such persons, unless doing so is inconsistent with any prior expressed preference of the deceased individual that is known to the covered entity.
How the Rule Works
The HIPAA Privacy Rule applies to the individually identifiable health information of a decedent for 50 years following the date of death of the individual. The Rule explicitly excludes from the definition of protected health information individually identifiable health information regarding a person who has been deceased for more than 50 years. See paragraph (2)(iv) of the definition of protected health information at § 160.103. Thus, for example, a HIPAA covered entity that maintains health or medical records, correspondence files, physician diaries and casebooks, or photograph collections that contain identifiable health information on individuals who have been deceased for more than 50 years may use or disclose the information without regard to the Privacy Rule because the information is not considered protected health information.
During the 50-year period of protection, the Privacy Rule generally protects a decedents health information to the same extent the Rule protects the health information of living individuals but does include a number of special disclosure provisions relevant to deceased individuals. These include provisions that permit a covered entity to disclose a decedents health information: (1) to alert law enforcement to the death of the individual, when there is a suspicion that death resulted from criminal conduct (§ 164.512(f)(4)); (2) to coroners or medical examiners and funeral directors (§ 164.512(g)); (3) for research that is solely on the protected health information of decedents (§ 164.512(i)(1)(iii)); and (4) to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of cadaveric organs, eyes, or tissue for the purpose of facilitating organ, eye, or tissue donation and transplantation (§ 164.512(h)). In addition, the Privacy Rule permits a covered entity to disclose protected health information about a decedent to a family member, or other person who was involved in the individuals health care or payment for care prior to the individuals death, unless doing so is inconsistent with any prior expressed preference of the deceased individual that is known to the covered entity. This may include disclosures to spouses, parents, children, domestic partners, other relatives, or friends of the decedent, provided the information disclosed is limited to that which is relevant to the persons involvement in the decedents care or payment for care. See 45 CFR 164.510(b)(5). For uses or disclosures of a decedents health information not otherwise permitted by the Privacy Rule, a covered entity must obtain a written HIPAA authorization from a personal representative of the decedent who can authorize the disclosure. A decedents personal representative is an executor, administrator, or other person who has authority under applicable State or other law to act on behalf of the decedent or the decedents estate. See 45 CFR 164.502(g)(4), as well as guidance on personal representatives available at: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/personalreps.html, for more information.
Background
The HIPAA Privacy Rule protects the individually identifiable health information about a decedent for 50 years following the date of death of the individual. This period of protection for decedent health information balances the privacy interests of surviving relatives and other individuals with a relationship to the decedent, with the need for archivists, biographers, historians, and others to access old or ancient records on deceased individuals for historical purposes. During the 50-year period of protection, the personal representative of the decedent (i.e., the person under applicable law with authority to act on behalf of the decedent or the decedents estate) has the ability to exercise the rights under the Privacy Rule with regard to the decedents health information, such as authorizing certain uses and disclosures of, and gaining access to, the information. With respect to family members or other persons involved in the individuals health care or payment for care prior to the individuals death, but who are not personal representatives, the Privacy Rule permits a covered entity to disclose the relevant protected health information of the decedent to such persons, unless doing so is inconsistent with any prior expressed preference of the deceased individual that is known to the covered entity.
How the Rule Works
The HIPAA Privacy Rule applies to the individually identifiable health information of a decedent for 50 years following the date of death of the individual. The Rule explicitly excludes from the definition of protected health information individually identifiable health information regarding a person who has been deceased for more than 50 years. See paragraph (2)(iv) of the definition of protected health information at § 160.103. Thus, for example, a HIPAA covered entity that maintains health or medical records, correspondence files, physician diaries and casebooks, or photograph collections that contain identifiable health information on individuals who have been deceased for more than 50 years may use or disclose the information without regard to the Privacy Rule because the information is not considered protected health information.
During the 50-year period of protection, the Privacy Rule generally protects a decedents health information to the same extent the Rule protects the health information of living individuals but does include a number of special disclosure provisions relevant to deceased individuals. These include provisions that permit a covered entity to disclose a decedents health information: (1) to alert law enforcement to the death of the individual, when there is a suspicion that death resulted from criminal conduct (§ 164.512(f)(4)); (2) to coroners or medical examiners and funeral directors (§ 164.512(g)); (3) for research that is solely on the protected health information of decedents (§ 164.512(i)(1)(iii)); and (4) to organ procurement organizations or other entities engaged in the procurement, banking, or transplantation of cadaveric organs, eyes, or tissue for the purpose of facilitating organ, eye, or tissue donation and transplantation (§ 164.512(h)). In addition, the Privacy Rule permits a covered entity to disclose protected health information about a decedent to a family member, or other person who was involved in the individuals health care or payment for care prior to the individuals death, unless doing so is inconsistent with any prior expressed preference of the deceased individual that is known to the covered entity. This may include disclosures to spouses, parents, children, domestic partners, other relatives, or friends of the decedent, provided the information disclosed is limited to that which is relevant to the persons involvement in the decedents care or payment for care. See 45 CFR 164.510(b)(5). For uses or disclosures of a decedents health information not otherwise permitted by the Privacy Rule, a covered entity must obtain a written HIPAA authorization from a personal representative of the decedent who can authorize the disclosure. A decedents personal representative is an executor, administrator, or other person who has authority under applicable State or other law to act on behalf of the decedent or the decedents estate. See 45 CFR 164.502(g)(4), as well as guidance on personal representatives available at: http://www.hhs.gov/ocr/privacy/hipaa/understanding/coveredentities/personalreps.html, for more information.
Edit history
Please sign in to view edit histories.
Recommendations
4 members have recommended this reply (displayed in chronological order):
84 replies
= new reply since forum marked as read
Highlight:
NoneDon't highlight anything
5 newestHighlight 5 most recent replies
RecommendedHighlight replies with 5 or more recommendations
I can only hope that the Gravedigger Of American Democracy hears the sound of shovels . . .
hatrack
Sunday
#1
I had to jump thru some hoops to get certified copies of my husband's death certificate so I could take care of details
Attilatheblond
19 hrs ago
#83
Her perks include influence with US government officials which can be rewardeing to the SHIPPING COMPANY
Attilatheblond
19 hrs ago
#82
Maybe they've already quick--frozen him and will resurrect only when a vote is needed.
erronis
Sunday
#45
And staffers are paid while doing whatever without proper chain of command & responsibility
Attilatheblond
Sunday
#63
Is there any way to force the issue? No reason to play nice with him at this point.
Crunchy Frog
Sunday
#6
Actually it is better for us if they pull this off and keep it hidden
InstantGratification
Sunday
#31
Between the R Senators who have lost primaries or who are not running for reelection
ToxMarz
Sunday
#34
It likely varies by state. In Florida, when I tried to look at the death certificate
allegorical oracle
Sunday
#40
Death certficates contain private info. (Cause of death, address, spousal address) Death index does not.
LeftInTX
Sunday
#67
Hitting a parked car results in a police report which is likely public domain
Attilatheblond
19 hrs ago
#84
Can't recall whether Thune is empowered to permit proxy votes. Anybody? nt
allegorical oracle
Sunday
#41
I don't think this is to the Republicans or Kentucky's benefit unless he is alive
karynnj
Sunday
#11
I don't understand why or why not having a special election makes any difference.
Fil1957
Sunday
#13
The Kentucky GOP has a strange law that only a republican can be named to replace McConnel
LetMyPeopleVote
Sunday
#14
I was thinking about that. But we could use Republican-style tactics against them, as well.
DFW
Sunday
#48
She just returned from a visit to China. Thought the timing was odd -- it could've
allegorical oracle
Sunday
#42
Excellent catch. R's just have to keep the body away from a corner for 3 more weeks
31j20b3
Sunday
#43