If HIPAA rules are stricter than state law, which standard should you follow and why?
What if the state law was stricter?
Explain
http://www.apa.org/monitor/jan03/hipaa.html
When the HIPAA rules are stricter than state law, HIPAA preempts state law.
If HIPAA (Health Insurance Portability and Accountability Act) rules are stricter than state law, then you should follow the HIPAA standard. HIPAA is a federal law that sets national standards for the protection of individuals' sensitive health information. It establishes various requirements that covered entities must adhere to when handling and disclosing this information.
The reason why you should follow HIPAA rules when they are stricter than state law is because federal laws generally supersede state laws when there is a conflict. In this case, HIPAA would take precedence and serve as the governing standard. Following the stricter HIPAA guidelines ensures that individuals' privacy and confidentiality are protected to a higher degree. It helps in maintaining consistency and uniformity in privacy practices across different states.
Now, let's consider the scenario where the state law is stricter than HIPAA rules. In such a case, you would follow the state law instead of HIPAA. State laws that provide greater privacy protections than HIPAA are known as "more stringent" laws. When a state has enacted more stringent privacy protections, those requirements must be followed by covered entities operating within that state, even if they differ from HIPAA.
In summary, if HIPAA rules are stricter than state law, you should follow the HIPAA standard. But if the state law is more stringent, you would comply with the state law instead. It is important to be aware of the requirements of both HIPAA and any applicable state laws to ensure compliance with the highest standards of privacy and security.