Although the horror stories resulting from the three-year-old federal health privacy regulations are still mounting, there are two recent court cases that offer support for access to public records that officials want to close in the name of privacy.
In June, the Texas Court of Appeals ruled that the federal Health Insurance Portability and Accountability Act does not trump the Texas open records law. Judges ordered the state to release statistics about alleged sexual assaults at mental hospitals.
The case started in 2003, the same year the HIPAA regulations went into effect. Joe Ellis, an investigative producer at Dallas-based KDFW-W, learned about a female who had become pregnant while residing at a state institution. He requested statistics on alleged sexual assault and abuse incidents at state mental hospitals, subsequent investigations and the outcome of any investigations. Ellis did not ask for victims' names, only the facilities of any assaults.
The Texas Department of Mental Health and Mental Retardation cited HIPAA and denied Ellis' request. The Texas attorney general disagreed and said HIPAA did not preempt the state's open records law and that HIPAA allows disclosure of health information if it is 'required by law.'
A district court judge rejected the attorney general's argument but bought the department's line. The four-judge Court of Appeals rejected the department's logic, saying that just because public records laws aren't listed in the HIPAA rules doesn't mean they don't apply. (Abbott v. Texas Department of Mental Health and Mental Retardation).
In March, the Ohio Supreme Court reached a similar conclusion, ruling that Cincinnati Enquirer reporters had a right to look at lead paint violations. Journalists had asked the Cincinnati Health Department to provide 'copies of the 343 lead citations and any others that were issued between 1994 and the present.' The city balked, citing HIPAA and including a claim that it was a 'covered entity' under the federal HIPAA rules.
The Enquirer asked the appeals court to overrule, but judges voted against the records release. On appeal, the Supreme Court ruled that lead citations and related reports did not contain protected health information ns defined by HIPAA
Furthermore, Supreme Court justices explained that, even if the citations and reports contained protected health information and even if it is determined that the Health Department operated as a 'covered entity' as defined by HIPAA, the requested reports still would be public under the 'required by law' exception in HIPAA (Cincinnati Enquirer v. Daniels).
Many legal experts see these two rulings as a promising way for the public to continue to get information it needs about important issues such as lead paint poisoning and sexual abuse in mental institutions. At the same time, there is still plenty of bad news created by the overbroad interpretation of HIPAA.
In May, the Louisiana Supreme Court voted to not hear a case in which the state refused to release information in 911 calls. The calls were made in 2005 from the private Baton Rouge residence of then secretary of State Fox McKeithen the day he suffered a paralyzing fall. The Gannett Co.'s Louisiana newspapers and the state's press association sued the city-parish a month after the accident to try to get the 911 calls (Hill v. East Baton Rouge Parish Department of Emergency Medical Services).
Officials with the city-parish Emergency Medical Services refused to make the recordings public, claiming the HIPAA protected medical information in the calls.
A state district judge who listened to the tapes ruled that McKeithen's privacy rights outweighed the public interest in the call contents. Judges at the 1 st U.S. Circuit Court of Appeals voted 2-1 to keep the records confidential. Judges agreed with the medical services' contention that those calling 911 should feel they can talk candidly without fear of embarrassment from any future public disclosure. The appellate court panel also found EMS should be considered a health-care provider and therefore protected from public disclosure by HIPAA.
In March, Nevada's attorney general's office issued an opinion saying that social service or welfare agencies can't reveal records about cases in which child abuse resulted in death. That's even after officials received a letter from an official with the U.S. Department of Health and Human Services saying that the federal Child Abuse Prevention and Treatment Act includes 'specific reporting elements pertaining to child fatalities that should be required and potentially made public,' according to the Las Vegas Review-Journal.
In Rhode Island, weeks after a Superior Court judge ruled that a Woonsocket police recruit be allowed to attend the municipal police academy, he remained assigned to clerical duty at the city's Police Department, while officials hid behind HIPAA rules and didn't explain why. In Texas, details of a murderer's death 'from natural causes' still remain a mystery after prison officials cited HIPAA.
Across the country, fire departments and police agencies still refuse to provide information citing HIPAA. For example, a Wisconsin fire department refuses to give even the time that fire calls come in. Many agencies are not considered 'covered entities' under the law and some attorney generals have ruled that police reports aren't subject to HIPAA.
[Author Affiliation]
Joel Campbell is the co-chairman ofSPfs Freedom of Information Committee. A former reporter and editor, he is an assistant professor in the Brigham Young University Department of Communications, Prove, Utah. He can be reached at joelcampbell@byu. edu
