Mortuary Law- Chapter 16 Flashcards
Impose wide-ranging requirements and restrictions on financial and health care businesses that deal with consumers. Help to combat:
- Identity theft
- Credit scams
- Other privacy-invasion schemas that have spawned by the internet and the computerization of America
Federal Privacy Laws
Designed to protect the privacy of consumer information held by financial institutions. Three primary parts:
- Financial Privacy Rule
- Safeguard Rule
- Pretexting Provisions
Gramm-Leach-Bliley Act of 1999 (GLB Act)
Informs consumers about the type of information the financial institution collects from consumers and what types of businesses or companies they share that information with.
- If the financial institution is sharing information with non-affiliated companies, the consumer has the right to “opt out” from the financial institution’s disclosure of personal information.
- Most Americans are familiar with this rue- routinely received privacy notices from banks, stock brokers, insurance companies, and other financial institutions.
Financial Privacy Rule
Financial institutions are required to set up and maintain safeguards to protect personal financial information obtained from consumers. Requires the use of computer firewalls and encryption devices to protect consumer information.
- Also dictates procedures that financial institutions should follow to destroy consumer financial information, such as the use of shredders and specially designed trash containers.
Safeguard Rule
Prohibits third parties from obtaining personal information through fraud or trickery.
- Makes it a criminal act to falsely obtain personal information from a financial institution or from consumers.
Pretexting Provisions
- Traditional financial institutions such as banks. stockbrokers, and insurance companies.
- Businesses that provides financial products or services to consumers.
- Non-traditional institutions: mortgage lenders, loan brokers, tax preparers, debt collectors, and financial advisors.
- This does NOT cover funeral homes
Who the GLB Act Covers
According to the Federal Trade Comission, which enforces the GLB Act against non-traditional financial institutions, a business is not considered to be one of these unless it is “significantly engaged in financial activities.”
- Primary business of a funeral home is the provision of funeral services, not financial services. (not covered by the act).
Financial Institution
The obligations of the GLB Act fall on the principal, not the funeral home as the agent. It is the principal’s requirement to issue privacy notices and safeguard consumer information under the GLB Act, not the funeral home.
- i.e. selling preneed insurance policy for an insurance company
Funeral Homes Acting as Agents of Financial Institutions
Required the U.S. Department of Health and Human Services (HHS) to issue regulations protecting the privacy of health information.
- Most significant protection of patients’ medical and health information originated with this.
Health Insurance Protability and Accontability Act (HIPAA)
(1996)
Standards developed by HHS
- Businesses covered (Covered entities) - health care providers, health care billing and payment services, and health plans.
- Covered entities to undertake the following actions:
- Notify patients about their privacy rights and how their health information will not be used.
- Adopt and implement privacy procedures for the covered entity
- Train employees so that they understand the privacy procedures
- Designate an individual to be responsible for seeing that privacy procedures are adopted and followed.
- Secure patient records containing individually identifiable health information so that they are not readily available to unauthorized parties.
Standards for Privacy of Individually Identifiable Health Information (HIPPA Privacy Rule)
When a Covered Entity has another business perform functions or activities on behalf of the Covered Entity, and that business is provided patient health information.
- In the past, the HIPPA privacy rule did not directly regulate these, but did require Covered Entities to oversee activities of these.
- With ammendments passed by Congress in 2009, HHS is now considering direct regulation of these under the HIPPA privacy rule.
Business Associate
- Covered entities are susally health care providers, health care insurers, and medical billing services, therefore funeral homes are not these.
- Funeral homes do not generally contract with Covered Entities to perform functions or activities on behalf of the Covered Entities. Therefore, Funeral homes are not Business Associates. (despite receiving health care information).
Funeral Homes are Neither Covered Entities nor Business Associates
Although funeral homes are not covered by the HIPPA Privacy Rule, the HIPPA privacy rule does recognize tha there are legitimate needs to disclose individual health information to third parties (funeral homes).
- HIPPA privacy rule does not mandate the disclosure of confidential health information to third parties such as funeral homes. Rather the HIPPA Privacy Rule allows Covered Entities to make those disclosures either as a voluntary reporting practice or as a reporting practice that may be compelled by state law.
Disclosing Individual Health Information
Allows Covered Entities to disclose confidential health information to funeral directors consistent with applicable law, as necessary to carry out their duties with respect to a decedent.
- Also states that when necessary for funeral directors to carry out their duties, Covered Entities may disclose protected health information prior to and in reasonable anticipation of an individual’s death.
- Some states require disclosure of patient health information to funeral homes, others do not.
- Positive HIV test
- Presence of communicable disease
Section 164.512(g) of the HIPPA Privacy Rule
Issued by both the Federal Trade Comission and the Federal Communications Commission. These regulations allowed consumers to register any residential telephone number, including cell phone numbers, on a national registry at no cost.
- Telemarketers are subject to $16,000 fines if they call any number on this list
- This rule also contain a number of restrictions and prohibitions on telephone sales practices.
FTC/FCC Do-Not-Call Regulation