The Substance Abuse and Mental Health Services Administration ("SAMHSA"), in close cooperation with the Department of Health and Human Services Office for Civil Rights ("OCR"), is conducting a study of the “Confidentiality and Privacy Issues Related to Psychological Testing Data.” This study was specifically called for in section 13424 of the Health Information Technology for Economic and Clinical Health ("HITECH") Act.

HIPAA’s Privacy Rule includes special protections relating to the use and disclosure of psychotherapy notes; this SAMHSA study will address whether these special protections also be applied to test data that is related to direct responses, scores, items,forms, protocols, manuals or other materials that are part of a mental health evaluation.

To this end, SAMHSA has announced a regional public meeting in Chicago, Illinois,on October 7, 2010, to give the public a chance to learn about this issue and express opinions. Registration is necessary, but there is no charge for attending. Another regional meeting will beheld this year in Los Angeles in late November or early December. The meeting is designed for mental health professionals, consumers, health care providers and health plans, agency administrators, health information technology experts, and test developers

The significant concepts and issues being addressed in this project include:

  • What activities and information are considered the “test data” that is part of a mental health evaluation? What are the relevant distinctions among test materials, raw data, and reports or assessments with respect to the level of protection currently afforded and/or otherwise necessary?
  • Does the individual (i.e., the subject of the test data) need to know, or have an interest in, inspecting or obtaining a copy of such information?
  • Are there circumstances under which test data should be disclosed to third parties?
  • Should the individual’s authorization be required prior to such a disclosure? To whom should test data be released?
  • How would affording mental health test data a higher level of protection affect the workflow in medical, behavioral health, or psychological practices? Are there any additional implications with respect to clinical integration efforts and the increasing availability of mental health services in general health care settings?
  • How is the issue of greater protection for test data affected by State and Federal laws other than HIPAA?
  • In light of the increasing reliance on electronic health records and the exchange of electronic health data, what are the implications of setting more stringent requirements for the use and disclosure of test data?

Small groups will consider these and other central questions following brief presentations by SAMHSA’s and OCR’s study team.