The Indiana Law Blog

« Law - Text book arbitrage and drug arbitrage | Main | Not law but interesting - Rumsfeld/Woodward interview transcripts »

Saturday, April 24, 2004

Law - HIPAA privacy requirements and the church

"When Calls for Prayer Trample Personal Privacy: Disclosing Details of Members' Health Could Pose Legal Problem for Churches," is the title of a very interesting story today in the Washington Post. An example from the article:

[A]n April 2000 article posted on the Web site of Fairmount Presbyterian Church in Cleveland heralded the minister of music's return from an illness:

"We have good news for you!" the article read. "Bryan Mitnaul is returning to Fairmount after a long medical leave of absence.

"Since the summer of last year, Bryan has been treated for bi-polar illness, a condition which at time has resulted in serious depression for him. Various therapies and medications have been tried, and finally, after much experimentation, his health has improved considerably. For that we are all very happy."

The Post story continues:

The church's comments, no matter how well-intentioned, crossed a line that should be a warning to any religious group that shares members' medical information in newsletters and during worship services, several ministers and specialists said.

Legally, publishing details of Mitnaul's condition without his permission was an invasion of privacy because it "included information in a way that would be highly offensive to the ordinary person," said Richard Hammar, general counsel for the Missouri-based Assemblies of God and publisher of Church Law & Tax Report, a national bimonthly newsletter.

Some conditions carry more of a stigma than others, and mental illness is one of them, Hammar said. Saying a person is recovering from a heart attack or being treated for cancer is "much less offensive," he said.

That's the way an Ohio appeals court ruled in 2002, citing invasion of privacy in sending the case back to a lower court that had issued a summary judgment favoring the church.

The case referenced is Mitnaul v. Fairmount Presbyterian Church, available here. More from the Post article:

Commonly referred to as HIPAA, the law called for broad protection of patient confidentiality rights and primarily applies to doctors, pharmacies and health care organizations. But the new law made it more difficult to visit members in the hospital, especially if the patient had failed to sign a consent form for such visits, and many clergy and laypeople worried that the law would restrict how they announced members' illnesses on prayer lists and in newsletters.

In February, the General Council on Finance and Administration of the United Methodist Church posted a 13-page memorandum on its Web site in an effort to clarify how HIPAA affects local churches. It cited Mitnaul v. Fairmount Presbyterian Church, not as an example of how the law might apply to religious communities but how the principle behind the law does.

"Obviously, this was an unfortunate case where well-meaning people unintentionally exposed their church to legal liability," the document states. "While this case does not involve the HIPAA privacy rule, it illustrates very clearly many of the issues churches need to consider whenever they disclose health related information about an individual."

Here is a link to the 13-page memorandum on the HIPAA priacy rule and local churches.

The Post also has a sidebar story titled "Law Prompts New Guidelines," available here. The Post also provides a link to guidelines from Health Ministries of the Presbyterian Church, which itself has additional links.

Posted by Marcia Oddi on April 24, 2004 11:46 AM
Posted to General Law Related