HIPAA and Privacy with Medical Marijuana
The Health Insurance Portability and Accountability Act (HIPAA) is a 1996 federal law designed to protect sensitive health care information and reduce the administrative burden for health care providers. And Medical marijuana now falls within this purview.
Like any controlled substance, medical marijuana requires a robust system of patient verification to ensure that patients who are receiving prescriptions are identified properly using computerized patient verification systems. Medical marijuana is subject to HIPAA regulations. In fact, medicinal cannabis is treated similarly to any other prescription or treatment.
Because of the typical negative connotation that comes with the medical cannabis industry, HIPAA makes sure that they are meticulous about staying within the parameters of the law, and in doing so, rely heavily on these patient verification systems. The HIPAA systems can and typically do contain sensitive health information such as patient contact information, medical records, a patient's diagnosis and other personal information such as driver’s license numbers.
So what does this mean for you as a medical marijuana patient? It means that all of your sensitive information is safe within a compliant medical marijuana dispensary such as Medical Marijuana of the Rockies. All information is hosted in a HIPAA Compliant data point rather than an on-site location.
Additionally, all information supplied when qualifying for a medical marijuana card is also covered under HIPAA and cannot be released with the patient’s written consent or a court subpoena.
As previously mentioned, when it comes to complying with HIPAA regulations, the medical cannabis rules are very similar to the rules for any other medical substance or service. Patients’ information is safe under these regulations in terms of both data storage and employee probes. Businesses that are not in compliance are subject to fines and certain legal actions.