 Home 5 Articles 5 CLIA Lab Subject to HIPAA Not Necessarily Exempt from State Medical Privacy Law

CLIA Lab Subject to HIPAA Not Necessarily Exempt from State Medical Privacy Law

by Glenn S. Demby | Feb 16, 2021 | Articles, CLIA-lca, Compliance-lca, Essential, Lab Compliance Advisor

Case: Plasma donors filed a class action claiming that a plasma donation company’s use of a donor-identification system based on a donor’s fingerprints and biometric information without consent violated Illinois medical privacy laws. The company, which happened to be a CLIA lab, claimed that the state law didn’t apply citing the definition of biometric identifiers as excluding “information collected, used, or stored for health care treatment, payment, or operations under” the federal HIPAA law. The exclusion applied, the company argued, because as a CLIA lab, it might have to disclose lab testing results of a donor subject to HIPAA. But the Illinois federal court would let the company use the defense. Significance: The defense failed not because the application of HIPAA would have exempted the company from the state law but because it didn’t adequately explain the connection between collecting a biometric template from donors on the front end and how that template is “collected, used, or stored for health care treatment, payment, or operations under [HIPAA].” The mere fact that the company was a lab subject to CLIA, which in turn made it subject to HIPAA wasn’t enough to establish such a connection, the court explained. [Crumpton […]

Case: Plasma donors filed a class action claiming that a plasma donation company’s use of a donor-identification system based on a donor’s fingerprints and biometric information without consent violated Illinois medical privacy laws. The company, which happened to be a CLIA lab, claimed that the state law didn’t apply citing the definition of biometric identifiers as excluding “information collected, used, or stored for health care treatment, payment, or operations under” the federal HIPAA law. The exclusion applied, the company argued, because as a CLIA lab, it might have to disclose lab testing results of a donor subject to HIPAA. But the Illinois federal court would let the company use the defense.

Significance: The defense failed not because the application of HIPAA would have exempted the company from the state law but because it didn’t adequately explain the connection between collecting a biometric template from donors on the front end and how that template is “collected, used, or stored for health care treatment, payment, or operations under [HIPAA].” The mere fact that the company was a lab subject to CLIA, which in turn made it subject to HIPAA wasn’t enough to establish such a connection, the court explained.

[Crumpton v. Octapharma Plasma, Inc., 2021 U.S. Dist. LEXIS 9520]

Log In

Join Now | Lost Password?

Subscribe to view Essential

Start a Free Trial for immediate access to this article

TRY FOR FREE