Understanding the correlation to behavior with Protected Health Information constraints.
Along with the regular stressors of everyday life, the COVID-19 pandemic and resulting economic, financial, and public health turmoil have brought additional layers of anxiety and fear to every individual’s home. Aside from working, taking care of loved ones, and completing daily tasks, people across the country now have to worry about the health and safety of themselves and their loved ones as novel coronavirus cases continue to increase across the parts of the globe.
Without a doubt, 2020 has taken a toll on American mental health. The Kaiser Family Foundation recently found that 45% of adults in the U.S. reported that their mental health has been negatively impacted this year. And as mental illnesses such as anxiety and depression increase, levels of health risk behaviors (i.e. excessive alcohol and drug use, smoking, and reduced level of exercise) also trend upwards.
What can healthcare providers do to help Americans through this crisis? Start by understanding the tension between whole person care—which includes mental health in the overall care and treatment of patients—and privacy regulations and concerns.
Embrace whole person care
The challenge that healthcare providers face is caring for the health of the whole person, while also navigating through Protected Health Information (PHI) constraints. The HIPAA Privacy Rule affords federal protections for personal health information held by covered entities and provides patients with rights with respect to that information. Also, the Privacy Rule allows the release of personal health information required for patient care and other necessary purposes. PHI constraints maintain patient-provider trust—but can cause challenges to delivering efficient care due to the need to provide the patient’s health history to other caretakers while keeping confidential certain aspects that may bring a stigma.
With the increasing importance of mental and behavioral health becoming ever more articulated, the healthcare industry must adapt and develop long-term solutions that incorporate as well as reference more than just patient history and demographics to help individuals understand and prepare for the unprecedented challenges they may encounter.
The debate over sharing behavioral health conditions
Given the number of people experiencing mental health issues who do not receive adequate treatment, the U.S. faces a growing need to take action.
When examining the widely occurring health causations in the United States, mental illnesses are among the most prevalent:
- More than 50% will be diagnosed with a mental illness or disorder at some point in their lifetimes.
- 1 in 5 Americans will experience a mental illness in a given year.
- 1 in 5 children, either currently or at some point during their lives, have had a seriously debilitating mental illness.
- 1 in 25 Americans lives with a serious mental illness, such as schizophrenia, bipolar disorder, or major depression.
While the healthcare industry has taken great pains during the previous few decades to ensure the privacy of every individual’s health information, there are increasing calls for the details of some citizens’ behavioral health conditions to be made accessible to a wide array of clinicians and non-clinicians—some of whom have no personal relationship with that individual. HIPAA allows for use of data under certain conditions for research purposes, but such use must balance ethical concerns around patient privacy and the stigma often associated with mental illness.
To what extent, if any, should an individual’s rights, including the confidentiality of their PHI, be limited in an effort to benefit others? That is the issue at hand. It may be further complicated by the potential for judgement errors from those in authority, misdiagnosis of illness by clinicians, and the risk of less than expected positive benefit to the public from the policies ultimately adopted.
How healthcare providers can support mental health
When it comes to supporting mental health, knowing is half the battle. Healthcare providers need to have a solid outreach and education plan to raise awareness of benefits and services among members. Health plans should develop an outreach and education plan with information that is not only easy to understand, but that reaches members where they are most likely to be, whether it is online or at a Federally Qualified Health Center (FQHC). The goal of any outreach and education campaign should be two-fold:
- Comprehension: Members should understand what benefits and services are available to them, how their insurance covers these services, and any cost sharing they are responsible for.
- De-stigmatization: Healthcare providers should present or publish benefit information a manner that promotes de-stigmatization. Members with mental health needs should feel comfortable seeking information and know that their information is safe. They must feel confident that their searches and medical records are not accessible to anyone other than themselves or their provider.
Design and access of benefits
Providing a robust design and benefits composition that is meaningful and easily accessible to members is critical to meeting their needs. Consider traditional, virtual, and plug-and-play when determining offerings, while also being cognizant of diluting the composition mix by having too many options—which creates member confusion and app fatigue rather than relief.
Access is another critical element to consider. Technology has had an enormous impact on consumer behavior and has greatly influenced member expectations. Gone are the days that providers and health plans operate on or follow an 8-to-5 weekday schedule. As such, health plans should incorporate providers who are able to coordinate same-day appointments, either in-person or virtually, into their networks. Consideration should also be given to mental health providers who offer atypical hours—meaning they have appointment availability in the evenings to help members around the clock.
Data and records security
Finally, the security of members’ PHI and health records is of utmost importance. PHI data should be protected with an encrypted cloud-based system to prevent data breaches. Entities should also consider implementing an audit system to track activity in real-time and keep their software up to date to mitigate the risk of a data breach. Robust cybersecurity measures are a must to protect members and their PHI. However, should a member need to access their medical records for any reason, the process for requesting and obtaining this information should be easy, intuitive, and seamless, minimizing stress for members.
The future of (mental + physical) healthcare
As we shift from carving out mental health services to incorporating and improving the understanding of the interconnectedness between physical and mental health, supporting members—while protecting and respecting their privacy—will be a paramount priority. Health plans must maintain HIPAA compliance, with mental health data privacy being no less important than standard PHI privacy. Plans should seek to apply appropriate technical, physical, and administrative protections. Organizations should utilize regular training for their employees to make sure that staff at every level know the importance of mental health data privacy. And lastly, organizations should have regular reviews to ensure employees understand the full picture of HIPAA regulations in addition to local and state laws. These activities will help organizations gain a firm handle on employees’ mental health data security needs.