Tuesday morning on the Tennessee Star Report with Michael Patrick Leahy – broadcast on Nashville’s Talk Radio 98.3 and 1510 WLAC weekdays from 5:00 a.m. to 8:00 a.m. – host Michael Patrick Leahy gave his commentary on Tennessee Governor Bill Lee’s recent order allowing COVID-19 test results of private citizens to be released to local law enforcement. He examined whether this was constitutional or a statutory violation of the Health Insurance Portability and Accountability Act (HIPAA) of 1996’s privacy rule.
Well, the big news if you look at our lead story at the Tennessee Star. The state Representative Scott Cepicky from Murray County has written a letter to Governor Bill Lee saying, you know, you need to stop this policy of sharing private information with law enforcement about the details of whether or not somebody has COVID-19.
The governor kind of snuck this in late Friday. Didn’t make a press release announcement about it. And people are very upset about it. On the face of it, it looks to be a violation of the Health Insurance Portability and Accountability Act of 1996. That’s called H-I-P-A-A passed in 1996.
Every time you see people handling medical information you can’t reveal it about any individual because of HIPAA. There are all sorts of rules and regulations that prohibit you from sharing that information. But, Governor Lee thought it would be a good idea to secretly allow COVID-19 test status data, in otherwords if someone has tested positive for COVID-19 right now and we don’t know who else is on this memorandum of understanding between the state and the counties.
So if you’re in a county where the county administrator or law enforcement guys there or I guess the sheriff would have signed this agreement regarding the COVID-19 test. And if you are positive that information is given to this Tennessee Emergency Management Council and they, in turn, give it to the local law enforcement.
So the question is why did Governor Bill Lee think this was a good idea? He hasn’t told us why he thinks it’s a good idea. Although late Friday after the Associated Press broke this story the Governor did say that, well the Department of Health and Human Services has provided guidelines which lets us do this. OK.
But are those guidelines constitutional or are they a statutory violation of HIPAA privacy rule? I think they are. The governor hasn’t really made the case that they are not a violation of the law. And so a lot of us have that question. There’s also a common-sense issue related to this and this was captured in this letter that Scott Cepicky sent.
Go to the tennesseestar.com and you can read the letter. Basically he said, look, this is going to have a chilling effect on people who want to take the test. Let’s just say you want to know. Maybe you have symptoms or maybe your asymptomatic but you think you’ve been exposed.
Why would you go in and take this test if you know the information if you test positive is going to be given to law enforcement and I guess every deputy, sheriff, or police officer in the area of where you live will have the information that you tested positive for COVID-19.
Well, it’s none of their business! A. And B, does it give them an excuse to target you? I think that maybe it does. I’m not a HIPAA expert so this is always dangerous when you are trying to explain these laws and regulations which are very obscure and detailed.
What happens is kind of hard to explain how this works, Congress will pass and within this law which was passed in 1996, they give them to the agencies and those agencies set up rules about how you administer those. And there’s a rule making process where they will have public comment etc.
But the rules are written by bureaucrats who often will write the rules in such a way that they are violating the intent of the law. It happens all the time. And so there have been rules about this. And I went to look at the rules and the original rules in my view would not permit the disclosure of this to law enforcement of this COVID-19 data.
Listen to the full second hour:
– – –