Technology is increasing the quality and quantity of health data available, and clubs are continuing to expand into allied health spaces—like nutrition counseling and physical therapy—which makes understanding HIPAA crucial. When planning your programs, it’s important to consider if any aspect of your program brings HIPAA into scope.
What Do You Need to Know about HIPAA?
HIPAA is triggered when protected health information is transmitted electronically in connection with a transaction for which the Department of Health and Human Services (HHS) has adopted a standard. The HHS defines these transactions as an “electronic exchange of information between two parties to carry out financial or administrative activities related to health care.” For example, a dietitian transmitting health information to an insurance provider for the purpose of payment for services provided qualifies as one of these transactions and is thus protected by HIPAA.
Additionally, clubs should consider HIPAA regulations when they perform certain functions or services with or for a HIPAA covered entity (acting on their behalf) and have access to protected health information to carry out those functions or services (making them a business associate). This could be, for example, a health club that creates a health risk assessment, receives physician referral forms, or sends updates to an HMO, which includes protected health information or personally identifiable information in connection with healthcare services.
It’s Always a Good Practice to Protect Member Health Privacy
Even if your club is not required to comply with HIPAA regulations, you can implement a few key best practices for dealing with—and protecting— personal health information. It is important to protect your members’ privacy and security, demonstrate your club’s understanding of privacy practices to medical partners, and protect your business.
Clubs Should Consider These Best Practices
Avoid talking about a member’s health or healthcare—including medical diagnoses like diabetes, medications, weight, etc.—with anyone other than the member without the member’s express consent. This includes other trainers and the client’s family.
Avoid discussing private, health-related information with your members—like their weight, medical conditions, medications, etc.—in public areas where other members might easily overhear you. Wait to talk with your members about any health-related topics, including prescriptions or illnesses, until you are in a private space away from other members.