Consents and 42 CFR Part 2 - New Rules for Re-Release of Substance Use Disorder Information

Why Should You Attend:

When substance use disorder treatment information is involved, first you need to understand how to identify it. In this webinar, we will discuss how to make it distinguishable from “regular” health information, so that the appropriate extra protections can be provided. You may be able to use functions in your EHR to flag the information, or you may create a manual process for tracking the information, if it is rarely handled in your organization. And the substance abuse treatment information you collect may or may not be under SAMHSA depending on whether or not you have a department or even a response team that specializes in SAMHSA-related situations. You need to understand your status under the rules before you release information inappropriately. We will discuss what qualifies treatment that falls under SAMHSA.

If your organization provides services that create information that is under the SAMHSA regulations, you will need to establish the consent and release of information processes that are required to be followed for information releases under 42 CFR Part 2. This involves getting the proper consents upon establishment of the relationship, as well as managing consents for releases that may be necessary after the initial establishment of the relationship. The session will include an explanation of the consent and release requirements that must be followed.

When you release information under HIPAA, there are no special notices required to be placed on the records. But when you release information under SAMHSA, each document must have a notice that explains that re-disclosure is not permitted without a new consent. Complicating matters are updated rules that allow a consent that permits a re-release to a defined team of providers caring for the individual, but then require meticulous documentation of to whom the information has been released under such a consent. The session will go over the rules on consents and re-release of information. Mishandling such consents can result in significant penalties.

Areas Covered in the Webinar:

• What HIPAA allows, what SAMHSA requires, and the differences will be explained.
• How to determine if the services you provide place you under FERPA or 42 CFR Part 2.
• Exploring the means for making sure substance abuse treatment information receives the appropriate protections.
• The consent and release requirements under HIPAA and 42 CFR Part 2 will be explained.
• Re-release of information released under 42 CFR Part 2 under the new rules will be discussed.
• Requirements for providing an accounting of disclosures of Part 2 information will be explained.
• Sharing of information with family and friends in an overdose incident will be explored.

Who Will Benefit:

This webinar will provide valuable assistance to all personnel in:

Social Service Agencies, Medical offices, practice groups, hospitals, academic medical centers, insurers, business associates (shredding, data storage, systems vendors, billing services, etc). The titles are

• Compliance director
• CEO
• CFO
• Privacy Officer
• Security Officer
• Information Systems Manager
• HIPAA Officer
• Chief Information Officer
• Health Information Manager
• Healthcare Counsel/lawyer
• Office Manager
• Contracts Manager

Jim Sheldon-Dean
Principal and Director of Compliance Services, Lewis Creek Systems, LLC

Jim Sheldon-Dean is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of health care entities. He is a frequent speaker regarding HIPAA, including speaking engagements at numerous regional and national healthcare association conferences and conventions and the annual NIST/OCR HIPAA Security Conference. Sheldon-Dean has more than 19 years of experience specializing in HIPAA compliance, more than 37 years of experience in policy analysis and implementation, business process analysis, information systems and software development, and eight years of experience doing hands-on medical work as a Vermont certified volunteer emergency medical technician. Sheldon-Dean received his B.S. degree, summa cum laude, from the University of Vermont and his master’s degree from the Massachusetts Institute of Technology.

Follow us :