HHS Issues Guidance on Disclosing Health Information During Crisis Situations | Healthcare Informatics Magazine | Health IT | Information Technology Skip to content Skip to navigation

HHS Issues Guidance on Disclosing Health Information During Crisis Situations

October 30, 2017
by Heather Landi
| Reprints

Last week, President Donald Trump issued a call to action that led to the declaration of a nationwide public health emergency regarding the opioid crisis. Following that announcement, the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) released new guidance on when and how healthcare providers can share a patient’s health information with family members, friends, and legal personal representatives when that patient may be in crisis and incapacitated, such as during an opioid overdose.

Current Health Insurance Portability and Accountability Act (HIPAA) regulations allow healthcare providers to share information with a patient’s loved ones in certain emergency or dangerous situations. 

HHS OCR issued guidance, in the form of a pdf document that can be accessed here, outline how HIPAA allows doctors to respond to the opioid crisis. HIPAA allows healthcare professionals to disclose some health information without a patient’s permission under certain circumstances, including sharing health information with family and close friends who are involved in care of the patient if the provider determines that doing so is in the best interests of an incapacitated or unconscious patient, and the information shared is directly related to the family or friend’s involvement in the patient’s health care or payment of care.

According to the HHS OCR guidance, healthcare professionals also can disclose some health information without a patient’s consent in order to inform persons in a position to prevent or lesson a serious and imminent threat to a patient’s health or safety. “For example, a doctor whose patient has overdosed on opioids is presumed to have complied with HIPAA if the doctor informs family, friends, or caregivers of the opioid abuse after determining, based on the facts and circumstances, that the patient poses a serious and imminent threat to his or her health through continued opioid abuse upon discharge,” the HHS OCR officials stated.

Misunderstandings about HIPAA can create obstacles to family support that is crucial to the proper care and treatment of people experiencing a crisis situation, such as an opioid overdose.  It is critical for healthcare providers to understand when and how they can share information with patients’ family members and friends without violating the HIPAA Privacy Rule. 

It is important to note that state or other federal privacy laws may also apply, the agency stated.


Get the latest information on Health IT and attend other valuable sessions at this two-day Summit providing healthcare leaders with educational content, insightful debate and dialogue on the future of healthcare and technology.

Learn More



Study will Leverage Connecticut HIE to Help Prevent Suicides

A new study will aim to leverage CTHealthLink, a physician-led health information exchange (HIE) in Connecticut, to help identify the factors leading to suicide and to ultimately help prevent those deaths.

Duke Health First to Achieve HIMSS Stage 7 Rating in Analytics

North Carolina-based Duke Health has become the first U.S. healthcare institution to be awarded the highest honor for analytic capabilities by HIMSS Analytics.

NIH Releases First Dataset from Adolescent Brain Development Study

The National Institutes of Health (NIH) announced the release of the first dataset from the Adolescent Brain Cognitive Development (ABCD) study, which will enable scientists to conduct research on the many factors that influence brain, cognitive, social, and emotional development.

Boston Children's Accelerates Data-Driven Approach to Clinical Research

In an effort to bring a more data-driven approach to clinical research, Boston Children’s Hospital has joined the TriNetX global health research network.

Paper Records, Films Most Common Type of Healthcare Data Breach, Study Finds

Despite the high level of hospital adoption of electronic health records and federal incentives to do so, paper and films were the most frequent location of breached data in hospitals, according to a recent study.

AHA Appoints Senior Advisor for Cybersecurity and Risk

The American Hospital Association (AHA) has announced that John Riggi has joined the association as senior advisor for cybersecurity and risk.