Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

State pre-emption

June 4, 2004

Article

I've been told that laws in my state that are less strict than the federal privacy rule are pre-empted by it. Is this right?

Q:I've been told that laws in my state that are less strict than the federal privacy rule are pre-empted by it. Is this right?

A: Yes. Generally speaking, HIPAA sets a minimum privacy standard for all states. Where this standard exceeds the standard set by the state, you must obey HIPAA. If, on the other hand, your state requires more than the minimum standard set by HIPAA, you're required to obey both your state law and the federal privacy rule. For instance, let's say your state requires that requests for release of HIV information contain very specific and highly protective language relating to safeguards, patient confidentiality, and the like. In such cases, authorizations for release of information must contain the precise state language, as well as the less restrictive federal language.