More HIPAA madness? On Wednesday, in a crime that cast a chill through the mental health community, a Manhattan therapist was brutally slaughtered in her office by a man whose actions seemed consistent with those of a current or former patient with a grudge. The assailant escaped on foot, and although his image had been captured on surveillance tape, police were nowhere near beginning to know where to start looking for him: “Because of privacy laws, police hadn’t been able to access patient records as of late yesterday, sources said.” (New York Post, Feb. 14)(via Bader). On medical privacy laws and the Virginia Tech rampage of Seung Hui Cho, see Jun. 16, 2007.
More: Commenter Supremacy Claus says not to blame HIPAA, which has an exemption for police reports.
Friday morning sequel: This morning’s New York Post sticks with the original story and fleshes out the HIPAA role somewhat:
The hunt for the savage beast who butchered an Upper East Side therapist has hit a roadblock – because detectives can’t access her patients’ medical records under federal privacy laws, The Post has learned.
Police believe the meat-cleaver-wielding psycho who killed Kathryn Faughey on Tuesday night inside her office on East 79th Street could be the doctor’s patient – and need access to her records to identify him.
But police sources said because of the Health Insurance Portability and Accountability Act, signed by President Bill Clinton in 1996, investigators are having a hard time gaining access to those records.
“A case like this gets complicated because of medical privacy protections,” a source close to the investigation told The Post yesterday.
The federal law states that doctors, hospitals and health-insurance companies must protect the privacy of patients – even in a murder investigation – and that only through the use of subpoenas can authorities hope to obtain such information.
Police sources said investigators have applied for a subpoena, but have yet to receive it. Even if the subpoena is issued, patients can sue to keep their records private. …
[D]etectives have tried to get around the law by tracking down patients through sign-in sheets at the building’s front desk and through surveillance cameras in the lobby, sources said.
(Murray Weiss, Jamie Schram and Clemente Lisi, “Vexed by ‘Slay File’ Madness”, New York Post, Feb. 15). My Times (U.K.) article on the problems posed by health privacy laws is here.