Elizabeth Nash was 21 and just finishing her junior year at the College of William & Mary when she had a miscarriage. She planned to tell her parents about it in person, but her insurer beat her to it when, as a matter of routine, it mailed them a form that described the medical treatment she’d received.
Nash says the experience “caused a rift that took a while to repair.”
Nash, now 38, recently co-authored an analysis of state laws on health-care confidentiality for insured dependents for the Guttmacher Institute, a reproductive health organization, and was surprised to find that state laws in this area are “so lacking and vague and mushy.”
Under the Affordable Care Act, which allows adult children to stay on their parents’ plans until they reach age 26, breaches of privacy such as the one Nash experienced may become a growing problem. Since the law passed, more than 3 million young adults have gained coverage, according to the Department of Health and Human Services.
Although parents must give consent for most care provided to children younger than 18, many states allow minors to consent on their own to such potentially sensitive services as testing and treatment for sexually transmitted infections, prenatal care and delivery, contraception and outpatient treatment for mental health and substance abuse.
The privacy rule of the federal Health Insurance Portability and Accountability Act (HIPAA), which took effect a decade ago, generally prohibits the unauthorized disclosure of individuals’ medical records and other health information. But there’s a catch. Health-care providers and insurers can generally use such information when trying to secure payment for treatment or other services.
By Michelle Andrews, Kaiser Health News