Write Review
1,892,613 Total Reviews 3,597 New Reviews
12,160 Users Online

Legal Corner

Why don't massages at AMP's fall under HIPAA protection
gemi 4 Reviews 12219 reads
posted

Seems that a lot of the AMP's in Inglewood and Santa Monica, CA
are getting more more LE interest lately.. a few of the girls I am regular with have reduced their menu of services because of weekly vists by PD, and by undercover cops.. THey have said that the PD that visit have opened doors during their visits.. I'm wondering if that is legal to do, or under what circumstance they can do that...(ie. do they have to hear something or can they just indiscriminately spot check ??) In theory isn't a massage a medical procedure, or can't be considered a medical procedure and thus protected under HIPAA ???
Not sure about this so thought some of the lawyers out there might have an idea on this one.

Philibuster9659 reads

I'm a lawyer and know HIPAA pretty well.  I can tell you that the HIPAA privacy rules do not place any restrictions on what police can do.  HIPAA only applies to health care providers and other specific types of entities (not cops).  

California may its own medical privacy rules that go beyond HIPAA, although I strongly doubt there are any that apply to cops.  In any event, I wouldn't want to be the guy arguing that an AMP massage is a medical procedure.

I'm not a criminal lawyer, but if I were (and getting paid for it -- either monetarily or in exchange for services rendered at the AMP) I'd look into whether the cops' opening doors to private rooms constitutes an illegal search under the 4th amendment.  Evidence obtained during an illegal search (such as the cop's testimony that he witnessed the masseuse deep-throating you when he opened the door), as well as evidence that results from an illegal search (such as a evidence obtained from a valid search warrant, if the cop's application for the warrant included information gained during the illegal search) is inadmissible.  The case would get thrown out, and you'd be off scott-free -- although before that happens your name may be published in the paper for your co-workers to read, your wife would kick the shit out of you before kicking you out of the house, etc...

ReplyQuoteReport
bikebryan10165 reads

As a lawyer, you also know that LE does NOT need a warrant to proceed when they have probable cause.  If they've been quietly monitoring the suspected activities at an AMP they would most likely have probable cause and be able to proceed.  Under that rule, when he observes "the masseuse deep-throating you when he opened the door" it stands a very very very good chance of being admissable in court.

Let's not be naive about this.  The judge knows what goes on in the AMP.  The public (you know, the jury pool?) knows as well.

ReplyQuoteReport
Gahlil Gibran10099 reads

I would suggest you take a HIPAA class if you think there are NO restrictions on what police can do.

Straight  from HHS:

http://answers.hhs.gov/cgi-bin/hhs.cfg/php/enduser/std_adp.php?p_sid=PQOW4Wmh&p_lva=&p_faqid=505&p_created=1090595067&p_sp=cF9zcmNoPTEmcF9ncmlkc29ydD0mcF9yb3dfY250PTcmcF9zZWFyY2hfdGV4dD1lbmZvcmNlJnBfY2F0X2x2bDE9NyZwX2NhdF9sdmwyPX5hbnl_JnBfcGFnZT0x&p_li=

Yeah it's a long URL  but it does show the RESTRICTIONS on revealing information about covered entity WRT the police.

Heck I made a shorter link instead....  :)

http://makeashorterlink.com/?T25E21D69

(It IS a good tool)

===============

Just the Preamble in this question and answer section for this particular question is enough to prove you wrong:

The Privacy Rule is balanced to protect an individual’s privacy while allowing important law enforcement functions to continue. The Rule permits covered entities to disclose protected health information (PHI) to law enforcement officials, without the individual’s written authorization, under specific circumstances summarized below. For a complete understanding of the conditions and requirements for these disclosures, please review the exact regulatory text at the citations provided. Disclosures for law enforcement purposes are permitted as follows:

ReplyQuoteReport
Philibuster10692 reads

My answer to the original poster dealt solely with the HIPAA privacy rule issue, and was absolutely correct.  As a corporate lawyer who's only courtroom experience is as a defendant in traffic cases, I deferred to other posters with respect to non-HIPAA issues, and said only that I'd look into whether the cops' actions raised 4th amendment issues (i.e., whether a warrant is necessary.)  

The poster asked if HIPAA restricts what the police can disclose.  The link you provide concerns what covered entities can disclose to law enforcement agencies (or anyone else for law enforcement purposes).  The link does not address the obligations of a law enforcement agency under HIPAA -- because there are none.  In fact, HIPAA does not apply to AMPs either.  In lieu of taking a “HIPAA Class,” as you recommend for me, here’s HIPAA 101 for you:

HIPAA applies to three types of entities (called "covered entities"): (1) health plans (who pay for health care), (2) health care clearinghouses (who deal with electronic communications between plans and providers), and (3) health care providers who electronically conduct certain types of transactions (known as "standard transactions," such as submitting electronic claims to Medicare).  Police officers and police departments obviously are not health plans, health care clearinghouses, or health care providers.  Thus, they are not covered entities -- and even if they obtain protected health information and disclose it in a manner that would be a HIPAA violation for a covered entity, by definition they cannot violate HIPAA.

At first glance it may appear that because AMPs supposedly provide massage therapy (arguably a health-related service), an AMP may be a covered entity as a health care provider.  However, even if they could be called health care providers, I would bet anything that you'll never be able to find an AMP (the ones we're talking about, anyway) that conducts standard transactions electronically.  Accordingly, the AMPs in our universe are not covered entities either, and by definition cannot violate HIPAA.

So, I reiterate my answer from my prior post that HIPAA does not place any restrictions on police activity.  I'll go even further this time, and say that HIPAA does not apply to typical AMPs either.  You quote the preamble to the privacy rule, stating that it is enough to “prove me wrong” (I'm adding some emphasis):  "The Privacy Rule is balanced to protect an individual’s privacy while allowing important law enforcement functions to continue. The Rule permits COVERED ENTITIES to disclose protected health information (PHI) to law enforcement officials, without the individual’s written authorization, under specific circumstances summarized below."  The preamble is just as explicit elsewhere that the HIPAA privacy rule does not apply to non-covered entities.

Class dismissed.

By the way, it's too bad I’m doing this for free, as my bill would be enough to cover at least a two hours' worth of "therapy" from most of the “providers” we discuss on this board...

ReplyQuoteReport
Post Reply Back To Forum
Register Now!