Jump to content

Privacy of Health Forms


Recommended Posts

49 minutes ago, mrkstvns said:
> 4 minutes ago,  willray said: 
> I certainly don't have a good answer to the problem, HIPAA certainly isn't it. 

Never said it was.  HIPAA though does set a responsibility on health care organizations to respect an individual's privacy and safeguard their information.

Ummm...

6 hours ago, mrkstvns said:

What you are doing argues strongly in FAVOR of extending HIPAA protections to organizations like BSA, because they clearly cannot be trusted to keep personal information "personal".

...

51 minutes ago, mrkstvns said:

This is the ONLY point that I think should be extended to BSA, schools, camps, and ALL other organizations that ask for any health info: they should respect privacy, safeguard information, and penalties should be imposable for failures to do so. People should be allowed to keep private info private, and organizations that are cavalier about it should be fined, sued or otherwise face consequences. THAT is my point. Exactly how such a policy could be formulated is up to the legislature, but a need for such safeguards is apparent from this discussion.

Per HIPAA, if BSA was a covered entity, Awanatech reviewing medical forms prior to an activity would be permissible, and your son/daughter telling someone in another patrol about their patrol-member's food allergy would be a sue-able, mandatory-consequences-inducing act.  That's what a legislated solution will get you, so be careful what you wish for.

More interestingly, what I believe I'm seeing is a greater need for safeguards for units, so that they can protect themselves and their scouts against medical-safety issues induced by paranoid scouters who would rather endanger youth and other unit leaders, than disclose medical information that is important to the unit's safety and ability to operate.

  • Upvote 1
Link to comment
Share on other sites

1 hour ago, mrkstvns said:

It is not YOUR business whether somebody is fit or not fit. That is between them and their doctor. If the doctor has reviewed the demands/requirements and says "fit", then all you have to do is accept his professional opinion and you are absolved of liability. A waiver would be okay. A detailed medical history is not necessary, no matter how much you, BSA, or the busy-bodies in your troop may think it is. Pretending that there is some special "scout-like" obligation is simply nonsense. Medical info is none of your business. Nobody in the troop has a right to expect that it is.

There's really two seperate issues here.  

First - does the BSA even need anything more than a assessment of "fit to participate" or not?

Second - if the BSA requires health forms for participation - should troop adults review them?

If the BSA is going to require health forms for participation, then unit leaders ought to review them before an event.  It's not HIPAA case because the forms are provided voluntarilty and for the purpose of participation in that activity.  Really, the whole thing with privacy of health forms has more to do with people seening that that you don't expect should - your employer, you neighbors, etc.  But, having the ASM leading a trip knowing that you have a heart condition is appropriate because you provided the form for that purpose.

 

  • Like 1
  • Upvote 2
Link to comment
Share on other sites

3 hours ago, ParkMan said:

There's really two seperate issues here.  

First - does the BSA even need anything more than a assessment of "fit to participate" or not?

Unless BSA decides on a policy such that they bar persons from any activity where any pre-existing medical condition could possibly affect their safety, or the safety of others around them, then the answer is unequivocally yes.   Plenty of people are fit to participate in activities where they are nonetheless either at an enhanced risk to themselves, or pose a risk to those around them if appropriate precautions aren't taken.  It is the height of irresponsibility to ask that the unit deal with the consequences of those risks without providing them adequate information with which to mitigate the risks.  And yeah, that's un-scoutlike.

3 hours ago, ParkMan said:

Second - if the BSA requires health forms for participation - should troop adults review them?

If the forms contain information that is necessary to help mitigate risks, or deal with emergency medical issues should they arise, then also, unequivocally yes.  If the forms contain something other than that information, I would argue that whatever that content is, it is irrelevant and ought to be omitted.

Link to comment
Share on other sites

 

5 hours ago, mrkstvns said:

It is not YOUR business whether somebody is fit or not fit. That is between them and their doctor. If the doctor has reviewed the demands/requirements and says "fit", then all you have to do is accept his professional opinion and you are absolved of liability. A waiver would be okay. A detailed medical history is not necessary, no matter how much you, BSA, or the busy-bodies in your troop may think it is. Pretending that there is some special "scout-like" obligation is simply nonsense. Medical info is none of your business. Nobody in the troop has a right to expect that it is.

Never said it was.  HIPAA though does set a responsibility on health care organizations to respect an individual's privacy and safeguard their information.

This is the ONLY point that I think should be extended to BSA, schools, camps, and ALL other organizations that ask for any health info: they should respect privacy, safeguard information, and penalties should be imposable for failures to do so. People should be allowed to keep private info private, and organizations that are cavalier about it should be fined, sued or otherwise face consequences. THAT is my point. Exactly how such a policy could be formulated is up to the legislature, but a need for such safeguards is apparent from this discussion.

 

Health forms aren't a permission slip.  They aren't just about if you are "fit" or not.  

Part A is a liability waver. 

Part B is a voluntary history that provides your unit with the information needed if emergency First Aid is needed or if you are taken to a medical facility and not able to provide a history yourself.  I maintain that this could probably be accomplished with a sealed envelope and a "is there anything on here that we need to know about?"  That makes things on the scouter/parent not on the unit. 

Part C is the "Fit or not" part.  These are for long term camping and high adventure.  They limit the BSA's risk in taking people who shouldn't be in the middle of nowhere for an extended period.  It is partially a medical certification of what you state in part B.  

Here is the thing about privacy.  If you want real privacy of your medical information, don't go. Or don't participate with a troop that doesn't handle your information in a way you deem appropriate.  You have that choice.  HIPAA exists because you sometimes don't have that choice when dealing with medical institutions. You are allowed to keep information from the BSA by not being a member. 

  • Upvote 2
Link to comment
Share on other sites

6 hours ago, mrkstvns said:
6 hours ago,  MikeS72 said: 

...As each person checking in Saturday morning turned in their Part A & B forms they were asked if there were any issues we should be aware of, and the forms went straight into a folder, where they remained until they were returned Sunday afternoon.  No reason to read anything on them.

And you could very easily have  just asked the one relevant question without keeping any paper records that have the potential to be abused by people with zero "need to know"....

And if someone had answered "Yes", your proposed ad-hoc procedure would have either resulted in a probably-fruitless attempt to memorize the person's details and share them with enough people so that someone remembered in the case of a problem, or the generation of un-standardized and untracked paperwork that probably would have failed to capture all the relevant information, both possibilities generating enhanced risk, and decreasing the likelihood that the information would actually be "kept private".

On the other hand, given that everyone answered "no" and the procedure that they followed, the paper records that you're concerned about being abused should contain, by definition, no information that could be abused!

Edited by willray
Link to comment
Share on other sites

3 hours ago, ParkMan said:

There's really two seperate issues here.  

First - does the BSA even need anything more than a assessment of "fit to participate" or not?

Second - if the BSA requires health forms for participation - should troop adults review them?

If the BSA is going to require health forms for participation, then unit leaders ought to review them before an event.  It's not HIPAA case because the forms are provided voluntarilty and for the purpose of participation in that activity.  Really, the whole thing with privacy of health forms has more to do with people seening that that you don't expect should - your employer, you neighbors, etc.  But, having the ASM leading a trip knowing that you have a heart condition is appropriate because you provided the form for that purpose.

 

here are common examples of adult participants "fit" to participate in a weekend campout, but whose medical information it's necessary for the troop and the adult in charge of the trip to know about: food allergies and allergies to insects and the carrying of an epi-pen, asthma and inhalers, etc.

This is certainly private medical information, but if the other adults on the trip don't know about it they can't be prepared to render aid if it's needed.  If someone goes into anaphylactic shock there is no time to find and open a sealed envelope with medical information.

  • Upvote 1
Link to comment
Share on other sites

6 minutes ago, T2Eagle said:

here are common examples of adult participants "fit" to participate in a weekend campout, but whose medical information it's necessary for the troop and the adult in charge of the trip to know about: food allergies and allergies to insects and the carrying of an epi-pen, asthma and inhalers, etc.

This is certainly private medical information, but if the other adults on the trip don't know about it they can't be prepared to render aid if it's needed.  If someone goes into anaphylactic shock there is no time to find and open a sealed envelope with medical information.

I agree with you, but the forms don't just ask that.

"A Scout is trustworthy"

There are quite a few things on the form that aren't necessary for first aid treatment but would be useful for a ER physician.  It might be prudent for there to be another set of information for the troop separate from the part B form. There isn't and I understand why some of these things bother people.  I also understand that people who don't have things they care about keeping between them and their doctor might have a hard time understanding why people were so bothered. 

Link to comment
Share on other sites

6 minutes ago, mds3d said:

There are quite a few things on the form that aren't necessary for first aid treatment but would be useful for a ER physician.  It might be prudent for there to be another set of information for the troop separate from the part B form. There isn't and I understand why some of these things bother people.  I also understand that people who don't have things they care about keeping between them and their doctor might have a hard time understanding why people were so bothered. 

There is no need, other than perhaps wanting to improve your chances for survival in an emergency, to provide any information on the forms that would only be useful once you made it to an ER.    If you feel a need to have that ER-relevant information with you on a scouting activity, I assume you also feel a need to have it with you when you're doing things other than scouting activities, so something like the suggested medical dog-tags makes sense:  They're carried on the person, so they're actually on-site when needed, rather than locked up in a car back at the trail-head, they're not exposed to scrutiny unless necessary, etc.   Other than in compliance with any state or federal laws that might mandate its acquisition and maintenance by units/camps, there's simply no reason to record any of that information on BSA forms period.

The BSA forms exist so that the unit can manage risk to you, and to the rest of the participants in an activity.  If the information happens to help at the ER, should an emergency occur, that's great, but, that's certainly not their primary reason for existing.  If there's something you'd like to keep between you and your doctor, and it doesn't affect your risk or the rest of the unit then by all means, feel free to omit that information.  If whatever it is, does affect your risk, or puts others at increased risk, and you're more worried about whether you can trust your fellow scouts and scouters than those risks, please, don't attend.

Link to comment
Share on other sites

10 hours ago, willray said:

On the other hand, given that everyone answered "no" and the procedure that they followed, the paper records that you're concerned about being abused should contain, by definition, no information that could be abused!

Incorrect.  The BSA medical form contains my name, address, insurance company, policy number, phone number, age, DoB,  gender, name and phone number of an emergency contact, and my signature.  There's plenty of information there to be exploited even if one leaves all the medical stuff completely blank.

Edited by walk in the woods
Added DoB
Link to comment
Share on other sites

Once upon a time, we all carried our med forms in our wallets,

Subcutaneous RFId's would end this discussion.

Or better yet, sub-lingual tattoos. Scout sticks out tongue, doc reads bar code. Privacy, emergency access, security.

Link to comment
Share on other sites

28 minutes ago, walk in the woods said:

Incorrect.  The BSA medical form contains my name, address, insurance company, policy number, phone number, age, DoB,  gender, name and phone number of an emergency contact, and my signature.  There's plenty of information there to be exploited even if one leaves all the medical stuff completely blank.

I guess you're right about the insurance policy information - that's probably overreach, since it's not really necessary for risk mitigation.  Of course, if you'd prefer to go in the slow-line at the ER if you actually need medical assistance, it appears that the form is perfectly happy to accept "None" as an answer.

The emergency contact information perhaps might count as overreach as well, though at least to me, that's less obvious, and I suspect any reasonably responsible entity would insist on collecting that as a condition of participation even if they didn't collect health information.

The rest of the information is pretty much required by YPT - I don't think you're going to find many units willing to risk letting someone participate with youth on an activity, if they don't know your name, age, and in today's world, declared gender.

Edited by willray
Link to comment
Share on other sites

2 hours ago, willray said:

I guess you're right about the insurance policy information - that's probably overreach, since it's not really necessary for risk mitigation.  Of course, if you'd prefer to go in the slow-line at the ER if you actually need medical assistance, it appears that the form is perfectly happy to accept "None" as an answer.

The emergency contact information perhaps might count as overreach as well, though at least to me, that's less obvious, and I suspect any reasonably responsible entity would insist on collecting that as a condition of participation even if they didn't collect health information.

The rest of the information is pretty much required by YPT - I don't think you're going to find many units willing to risk letting someone participate with youth on an activity, if they don't know your name, age, and in today's world, declared gender.

I think it probably gets even more complicated in the future as GDPR effects become more fully understood and with the push by some groups to implement similar laws in the U.S.  Although I suppose GDPR is actually a thing for the WSJ in a few months.

Link to comment
Share on other sites

8 minutes ago, walk in the woods said:

I think it probably gets even more complicated in the future as GDPR effects become more fully understood and with the push by some groups to implement similar laws in the U.S.  Although I suppose GDPR is actually a thing for the WSJ in a few months.

GDPR is absolutely going to be a show worth stocking up on popcorn for.  I'll bet folding money that they'll find a way to back themselves into a regulatory corner such that it's impossible to fix the problems with the law, without violating the law.

None of which is to say that I'm not a staunch supporter of individual privacy - I simply believe that a person needs to take responsibility for their own privacy, and that only a fool would think that they can actually achieve privacy by legislatively mandating someone else to maintain it.

Link to comment
Share on other sites

On 4/8/2019 at 11:37 AM, mrkstvns said:

Hmmmm.

You might think that's a "positive" outcome, but I'm very troubled that any adult is prowling through the medical forms, reading info about everyone in the troop. That is precisely the reason that health care providers are obligated to safeguard health info under HIPAA regulations --- because we, as a society, WANT to have the right to our health information staying "personal".

What you are doing argues strongly in FAVOR of extending HIPAA protections to organizations like BSA, because they clearly cannot be trusted to keep personal information "personal".

I certainly don't know the ideal way to handle personal health information, but I know it's not having you read everybody's health background.  It might be to adopt something like the sealed envelope approach that John-in-KC described. It can certainly be done better than today's practice of having binders of forms sitting around, readable by anyone with an inkling to snoop and gossip.

The adults in my units have always known how I handle their private information.  They trust me with their children, they also trust me with their information. I have never had an adult with any concerns or objections as to how I handle any of the paperwork, whether applications or med forms.  I have had several who have expressed appreciation that I am aware of issues that may arise as a result of medical conditions that either my adults or Scouts have.  There has never been a question as to how I handle their information from anyone in my units, only random strangers on the internet.  While I am not a professional healthcare provider, my wife is and I am very aware of HIPAA and how it works.  I know that I am not bound by HIPAA, but I still treat the information with the privacy that it deserves.  I am the one responsible for my unit & I am the one who will be the first responder when something happens that affects one of my Scouts or adults.  In the example that I shared from one of our recent outings, as far as my unit is concerned, yes, I'll stand by my thinking that it was a positive outcome.  You & your unit can handle things as you see fit and I'll do the same.   But thanks for the assumption that I & my other adults sit around snooping & gossiping about our unit's medical histories. That speaks volumes of how you feel about Scouters who do things differently than you.

Edited by awanatech
  • Upvote 1
Link to comment
Share on other sites

On 4/9/2019 at 9:17 AM, willray said:

I guess you're right about the insurance policy information - that's probably overreach, since it's not really necessary for risk mitigation.  Of course, if you'd prefer to go in the slow-line at the ER if you actually need medical assistance, it appears that the form is perfectly happy to accept "None" as an answer.

The emergency contact information perhaps might count as overreach as well, though at least to me, that's less obvious, and I suspect any reasonably responsible entity would insist on collecting that as a condition of participation even if they didn't collect health information.

The rest of the information is pretty much required by YPT - I don't think you're going to find many units willing to risk letting someone participate with youth on an activity, if they don't know your name, age, and in today's world, declared gender.

I'm sorry, "the slow-line"?

Can you tell me what you mean by that?

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...