Are Blood Banks (Blood Centers) Considered Covered Entities under the HIPAA Law?

magnusllc...

Thank you for your question.

The Health Insurance Portability and Accountability Act of 1996
(HIPAA) was signed into effect by President Clinton to protect health
insurance coverage for workers and their families when they change or
lose their jobs (Portability) and to protect health data integrity,
confidentiality, and availability (Accountability). It consists of
five sections, or Titles, and places various legal requirements on the
health care industry, covering access, portability, and renewal (Title
I); preventing healthcare fraud and abuse, and promoting
administrative simplification (Title II); medical savings accounts/tax
deductions for the self-employed (Title III); enforcement of group
health plan provisions (Title IV); and revenue offset provisions
(Title V).

Blood banks/centers are covered entities, as defined in 45 CFR
Subtitle A, Subchapter C, under HIPAA as they would be considered an
organization who routinely handles Protected Health Information (PHI).
 PHI is "any information, whether oral or recorded in any form or
medium" that

"[i]s created or received by a health care provider, health plan,
public health authority, employer, life insurer, school or university,
or health care clearinghouse"; and

"[r]elates to the past, present, or future physical or mental health
or condition of an individual; the provision of health care to an
individual; or the past, present, or future payment for the provision
of health care to an individual"

The full Final Rule for Privacy can be found at
http://www.hipaadvisory.com/programs/documents/complete.htm

You can find more information on compliance requirements and HIPAA in
general at
HIPAAdvisory.com, http://www.hipaadvisory.com/.

Thank you again for your question and if you need any additional
clarification, please let me know.

Regards,

-THV

Search Strategy:
HIPAA Blood Bank
HIPAA

References:
HIPAA Compliance Group
http://www.hipaacg.com/

United States Department of Health and Human Services Office for Civil
Rights - HIPAA
http://www.hhs.gov/ocr/hipaa/

HIPAA.org
http://www.hipaa.org/

American Association of Blood Banks
http://www.aabb.org/index.htm

---

Request for Answer Clarification by magnusllc-ga on 13 Dec 2002 14:53 PST

Thank you for your help.
I can find no direct reference to blood banks in 45 cfr a,c.
can yu be specific?

---

Clarification of Answer by tar_heel_v-ga on 13 Dec 2002 15:29 PST

magnusllc..

You are not going to find specific information as it pertains to blood
banks in the HIPAA regs. Just like you won't find reference to several
different types of medical entities.  The fact that blood banks
collect PHI defaults them to fall underneath HIPAA privacy
regulations.  As listed on http://www.hipaacg.com/:
"EXAMPLES OF ORGANIZATIONS AFFECTED BY HIPAA (COVERED ENTITIES)
 All Clinical Settings( Physicians, Dentists, Osteopaths,
Chiropractors, Optometrists etc.)
  Managed Care Plans
  Pharmacies
  Pharmaceutical Benefit Management Companies
  Ambulatory Surgical Centers
  Case Management Services
  Disease Management Companies
  Healthcare Collection Agencies
  Imaging Centers
  Claims Processing Providers
  Management Services Organizations
  Physician Billing Services
  Blood Banks
  Clinical Labs"

You will notice that the above are not listed with the HIPAA
regulations themselves, but are still considered Covered Entities.

You can also a presentation by the Virgina Department of Health
covering HIPAA at http://state.vipnet.org/cts/papers/HIPAABriefing.ppt
and the 9th slide specifcally lists blood banks.

A great resource I have found for HIPAA information is the University
of Buffalo Health Sciences Library
http://ublib.buffalo.edu/libraries/units/hsl/resources/guides/hipaa.html

-THV