HIPAA Violation
 

OO and HIPAA Laws broken? Apparently it's a thing over there. Anyone have a story/info about?

How can OO violate a HIPAA law?

They shouldn't be privy to any covered healthcare information to begin with.

Do better than this if you are going to throw out drivel.

Yeah hard to break a law that doesn't even apply to you.

Not entirely true. Airlines have and can request health data. I had Delta airlines release health information on me that they required after a return to work from surgery. They we're definitely in violation of the law.

They probably were not.

Law applies to health care providers, who generate or acquire your health info in their course of business.

DAL is not a healthcare provider, the only way they got your info is if YOU gave it to them. Not covered by HIPAA (might be some applicable state laws, more likely in CA than GA though).

Although if DAL was in the business of conducting FAA 1C medical exams with an in-house AME that might be different. But in this day and age anybody who even does that typically outsources to an actual healthcare provider (who could not share the info with any other party without your permission).

What did they do? Use the info to consult with the FAA?

I was required to provide the data to Delta's health department as well as their accommodations department. Since I requested some sim time to see how I could function it was relayed to the training department. They decided to give all that data to Delta's POI on my fleet. POI's have absolutely nothing to do with medical issues. What followed was a ****show with me caught in the middle as different FAA departments got in a turf war!
I actually ended up with two different first class medicals from two different FAA sections. Not long after had the FAA show up and ask for credentials. I asked him which medical he wanted, my southern or northern medical! He was a bit perplexed!

That does sound like a nightmare, but not a HIPAA issue.

It's also a violation of FAA procedure on seeral levels, and certainly an ethical lase on the part of grand old Delta.

Of course, you worked through an attorney, your union, and a medical consultation service?

I worked through all 3. The attorney wanted to sue Delta and stated it was a Hippa issue. It gets more complex because I had to have the same surgery on my other ear later. Being bilateral blew everyone's mind. In the same day I got a letter removing me from disability because I could hold a class 1 medical and a letter denying my return to work from Delta's doctor. Fun times!

I guess the legality would hinge on what a "health department" is.

If they just asses employees fitness for duty, OJI claims, etc then they might not be a "health care provider". Even doing an FAA 1C exam could likely fall under "assessment", not "care".

Also would depend on the conditions under which you disclosed the info to DL, if there wasn't an actual or implied authorization to share that info it could be a violation... maybe that's what the lawyer was getting after. Again, varies by state.

HIPAA is like the 1st amemndent... you have to understand what exactly it means, and it's not intuitive. I belabor this for the benefit of others who might read this.