The Catholic University of America

Responsibilities of Director of Student Health Services

Federal Laws

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Note: The CUA Student Health Service is not a HIPAA covered entity. Certain steps have been taken to ensure this status remains, and the Director of Student Health Services is responsible for maintaining the status quo with respect to non-coverage by HIPAA for Student Health Services. This requires ensuring that the Health Center does not engage in *standard electronic transactions* with third party payors without first consulting with the Office of General Counsel.

DC Laws

Immunization of School Students

This chapter of the Code requires schools to obtain a certification of immunization before admitting any student, unless they fall under an exception. Exceptions are granted for students who object in good faith for religious beliefs and submit this objection in writing to the chief school official. Also, a student may be exempt if they obtain a written certificate from a private physician or such that states that the immunization is inadvisable for medical reasons. This requirement is mandatory for all other students under the age of 26 and covers initial immunization and any boosters or re-immunizations required in accordance with standards issued by the public health authorities.

Duties: If a student does not have certification, the school must notify the student that: (1) he/she needs certification; (2) that the school may not admit the student until they do so; (3) that immunization can be done by a private physician or the public health authorities; and (4) how to contact these authorities to learn when and where the service can be performed. However, failure to comply with this duty does not subject the school or school official to liability in damages. See D.C. Code Ann. § 31-504. In addition, the school may not allow the student to attend school for more than 10 days without certification unless the student is undergoing a series of treatments that will extend beyond the 10 days and the school receives written notification that the immunization is in progress.

District of Columbia Mental Health Information Act of 1978
This law is codified at D. C. Code § 7-1201.01 et seq.

This law places strict limits on the disclosure of mental health information absent written consent from the patient.

Disclosure: Disclosure on an emergency basis may be made to one of more of the following: The client's spouse, parent, legal guardian, a duly accredited officer or agent of the District of Columbia in charge of public health, the Department of Mental Health, a provider as defined in § 7-1131.02(27), an officer authorized to make arrests in the District of Columbia or an intended victim if the mental health professional reasonably believes that such disclosure is necessary to initiate or seek emergency hospitalization of the client under § 21-521 or to otherwise protect the client or another individual from a substantial risk of imminent and serious physical injury. There are also limited disclosures, including one for third party payors for the purpose of payment of benefits which is limited to administrative information, diagnostic information, the voluntary or involuntary status of the client, the reason for admission or continuing treatment, and a prognosis limited to the estimated time during which treatment might continue.

Recordkeeping: When a disclosure occurs, a notation must be entered and maintained with the patient's record of mental health information. The notation must include the date of disclosure, to whom disclosed, and a description of the contents of the disclosure. In all cases except for disclosure pursuant to the emergency provision, the disclosure must be accompanied by a statement to the effect that: "The unauthorized disclosure of mental health information violates the provision of the District of Columbia Mental Health Information Act of 1978. Disclosures may only be made pursuant to a valid authorization by the client as provided in title III or IV of that Act. The Act provides for civil damages and criminal penalties for violations."

Form of written authorization of disclosure:

The disclosure must:

(1) Specify the nature of the information to be disclosed, the type of persons authorized to disclose such information, to whom the information may be disclosed and the specific purposes for which the information may be used both at the time of the disclosure and at any time in the future;

(2) Advise the client of his right to inspect his record of mental health information;

(3) State that the consent is subject to revocation, except where an authorization is executed in connection with a client's obtaining a life or noncancellable or guaranteed renewable health insurance policy, in which case the authorization shall be specific as to its expiration date which shall not exceed 2 years from the date of the policy; or where an authorization is executed in connection with the client's obtaining any other form of health insurance in which case the authorization shall be specific as to its expiration date which shall not exceed 1 year from the date of the policy;

(4) Be signed by the person or persons authorizing the disclosure; and

(5) Contain the date upon which the authorization was signed and the date on which the authorization will expire, which shall be no longer than 60 days from the date of authorization.

In addition, a copy of the authorization shall be provided to the client and the person authorizing the disclosure; accompany all such disclosures; and be included in the client's record of mental health information.

Limitations on client right to access: Personal notes are not subject to the patient right to access rules. Personal notes are defined in the code as mental health information regarding a client which is limited to mental health information disclosed to the mental health professional in confidence by other persons on condition that such information not be disclosed to the client or other persons; and the mental health professional's speculations. In addition, statutory authority exists which grants the mental health professional the ability to limit access to the client in situations where necessary to protect the client or another individual from a substantial risk of imminent and serious physical injury. The client must be told if complete access in not granted. In addition, the mental health professional primarily responsible for treatment may also:

· refuse to disclose mental health information; or

· limit disclosure of mental health information

This discretion exists even if the client has signed a release, but the mental health professional must believe limited or non-disclosure is necessary to protect the client from a substantial risk of imminent psychological impairment or to protect the client or another individual from a substantial risk of imminent and serious physical injury. Further requirements apply if this provision is utilized by the mental health professional (notification, right to review, etc.) and they can be found in D.C. Code § 7-1202.06.

Policies for which Director of Student Health Services is Responsible Official

Immunization Requirements for Students