HIPAA (Health Insurance Portability and Accountability Act) is crucial legislation that safeguards the privacy and security of individuals’ health information. Many employees wonder whether a HIPAA violation background check would tarnish their records. This article will explore the relationship between HIPAA and background checks. It will also show how updates to HIPAA rules can affect background checks.
Table of Contents
Do HIPAA Violations Show on Background Checks?
In most cases, a standalone HIPAA violation will not show up on a background check unless there are accompanying legal or public consequences. It’s essential to recognize that the visibility of a HIPAA violation in a background check depends on the specific circumstances and the extent of the background check conducted.
Background checks typically focus on criminal records, employment history, and educational qualifications rather than specific incidents of regulatory non-compliance.
When will a violation show up in a HIPAA background check?
A HIPAA violation may appear on a background check if it has resulted in legal action, disciplinary proceedings, or other public records. While HIPAA violations may not be directly included in a standard background check, its inevitable consequences, such as legal proceedings or enforcement actions, could become part of public records that might be uncovered during a background check. It’s important to note that including HIPAA violations in a background check can vary depending on the specific circumstances and the depth of the background check conducted.
Does HIPAA require healthcare organizations to do a background check?
According to Colington Consulting, HIPAA does not require background checks for employees with access to protected health information (PHI). HIPAA background checks are not explicitly stated in the Code of Federal Regulations (CFR). However, administrative safeguards addressed in CFR 164.308 says that organizations should establish policies and procedures that authorize appropriate access to electronic PHI. This access should be based on each workforce member’s role and responsibilities. Some organizations interpret “authorized access” as ensuring a potential hire is trustworthy. Thus, as a best practice, they conduct background checks.
How Updates to HIPAA Rules Impact Background Checks
HIPAA regulation updates can affect whether HIPAA violations show up in a background check. Let’s take the recently proposed update to the HIPAA Privacy Rule. In April 2023, HHS’ Office for Civil Rights (OCR) published a Notice of Proposed Rulemaking in response to the Supreme Court’s decision in Dobbs v. Jackson Women’s Health Organization. This led to states introducing anti-abortion legislation, making it more difficult for women to access abortion services in their own states. As a result, some women had to travel across state lines to seek abortions in states where it was still legal.
The proposed update aims to address the privacy concerns arising from these anti-abortion laws and the need for women to seek reproductive healthcare in other states. It introduces a new category of uses and disclosures of PHI called “attestation.” The new rule requires covered entities to obtain an attestation from the person requesting the use or disclosure, confirming that they will not use or disclose the information for prohibited purposes, such as pursuing criminal convictions related to legal procedures.
The goal of the proposed changes is to maintain a balance between an individual’s privacy and using or disclosing that information for public policy purposes, such as investigations or legal proceedings. The OCR states that recent developments have led to increased interest in accessing health information for punitive non-healthcare reasons. This puts the relationship between individuals and their healthcare providers at risk.
How the proposed Privacy Rule update impacts background checks
The HIPAA Journal says that if the proposed update to the Privacy Rule is implemented, it could potentially lead to more violations of §1177. A §1177 violation is also a HIPAA violation that may appear in a background check.
§1177 or Section 1177 of the Social Security Act outlines the offense and penalties for wrongfully disclosing individually identifiable health information. It prohibits individuals or entities from knowingly and wrongfully disclosing PHI without proper authorization. If someone discloses PHI under an attestation, they will be guilty of a §1177 violation. Not only will the individual be guilty of a §1177 violation, but the Covered Entity (or employee of a Covered Entity) who disclosed the information may also be held liable for a §1177 violation if they knew or should have known that the sensitive PHI would be used or disclosed for a prohibited purpose.
Stay Updated on HIPAA Rules for a Clean Background Check
While a HIPAA violation is unlikely to appear on a standard background check, covered entities and their healthcare employees must stay informed about the proposed Privacy Rule updates. Adhering to HIPAA regulations, regularly updating policies and procedures, and providing comprehensive HIPAA training can help mitigate the risks of HIPAA violations. By maintaining compliance, organizations can safeguard individuals’ health information, avoid legal and financial penalties, and contribute to the protection of sensitive data.
