Prehospital Patient Confidentiality
|Bureau of EMS Policy Statement|
|Policy Statement #||08-02|
|Subject||Re: Prehospital Patient Confidentiality|
The New York State Department of Health, in accordance with State and Federal Laws, ensures that all health care providers protect the confidentiality of those patients for whom they are caring. It is the responsibility of each EMS provider to maintain the confidentiality of privileged information that they may have been exposed to in the course of their duties as a health care provider.
All agencies and/or systems are encouraged to have policies that require and include:
- Initial and as necessary, refresher training of staff regarding the importance of patient confidentiality; and
- Procedures for maintaining patient confidentiality.
To better understand what the role of the EMS provider is with reference to patient confidentiality, we must first define the term. The Encyclopedia of Surgery defines confidentiality as, "Confidentiality is the right of an individual to have personal, identifiable medical information kept private. Such information should be available only to the physician of record and other health care and insurance personnel as necessary. As of 2003, patient confidentiality was protected by federal statute."
Laws and Regulations:
The New York State (NYS) Public Health Law (PHL) Article 30 section 3006 and Title 10NYCRR Part 800.15 require any information that may disclose patient identity to be kept confidential. The Health Insurance Portability & Accountability Act of 1996, (HIPAA) is a federal law that protects patient confidentiality and privacy.
PHL Article 30, Section 3006:
§ 3006. Quality Improvement Program.
2. The information required to be collected and maintained, including information from the prehospital care reporting system which identifies an individual, shall be kept confidential and shall not be released except to the department or pursuant to section three thousand four-a of this article.
3. Notwithstanding any other provisions of law, none of the records, documentation, or committee actions or records required pursuant to this section shall be subject to disclosure under article six of the public officers law or article thirty-one of the civil practice law and rules, except as hereinafter provided or as provided in any other provision of law. No person in attendance at a meeting of any such committee shall be required to testify as to what transpired there at. The prohibition related to disclosure of testimony shall not apply to the statements made by any person in attendance at such a meeting who is a party to an action or proceeding the subject of which was reviewed at the meeting. The prohibition of disclosure of information from the prehospital care reporting system shall not apply to information which does not identify a particular ambulance service or individual.
4. Any person who in good faith and without malice provides information to further the purpose of this section or who, in good faith and without malice, participates on the quality improvement committee shall not be subject to any action for civil damages or other relief as a result of such activity.
Title 10NYCRR Part 800; section 800.15 REQUIRED CONDUCT:
Every person certified at any level pursuant to these regulations shall:
a) at all times maintain the confidentiality of information about the names, treatment, and conditions of patients treated except:
- a prehospital care report shall be completed for each patient treated when acting as part of an organized prehospital emergency medical service, and a copy shall be provided to the hospital receiving the patient and to the authorized agent of the department for use in the State's quality assurance program;
- to the extent necessary and authorized by the patient or his or her representative in order to collect insurance payments due;
- to the extent otherwise authorized by law;
The Health Insurance Portability & Accountability Act of 2003 (HIPAA):
In April 2003, HIPAA established a set of Federal regulations regarding confidentiality and privacy. Though, the department does not enforce HIPAA regulations, the law does affect EMS in NYS. It specifically relates to electronic patient billing and access to a patient's health records. The NYS Department of Health has information regarding HIPAA and how it affects NYS PHL. See References.
HIPAA and state laws do not necessarily preclude sharing of patient information among and between EMS providers and other health care providers, law enforcement, regional and state quality assurance systems, and other users of public health data. However, in the exchange of such information, EMS providers and systems are to be vigilant in ensuring the protection of data for the purpose it is being released.
It is beyond the scope of this policy statement to identify all of the laws or regulations that require confidentiality. This policy statement only identifies the most common items that pertain to the emergency medical services. Every EMS agency and/or provider must maintain compliance with the patient's needs of confidentiality.
All EMS providers and other necessary agency personnel are routinely exposed to confidential patient information. The Agency and all personnel exposed to confidential information is required to maintain confidentiality throughout every aspect of emergency medical service operations. It is required in but not limited to:
- training and education;
- every patient contact;
- other necessary healthcare providers;
EMS services are encouraged to review the HIPAA act and the NYS PHL to determine which law will take precedence over the other when there are similar topics and how they will affect your service and procedures. The Department has a chart that breaks down each section and discusses which law will take precedence. It can be found at http://www.health.state.ny.us/nysdoh/hipaa/pdf/hipaa_preemption_charts.pdf.
Below are several links for further reference to confidentiality.
Certification - Student Reference Guide
NYS PHL Article 30 Section 3006:
Part 800 section 800.15:
NYS Dept. of Health HIPAA advisory links: