Back to the Network Blog

Infectious Disease Reporting in Correctional Facilities: A Story from Prison

posted on Thu, Aug 15 2013 4:38 pm by Veda Collmer and Susan Hicks

On June 21, 2013, staff from the Western Region of the Network for Public Health Law traveled to an Arizona correctional facility to present to first responders, correctional officers, nurses, and public health officials about ways to prevent the spread of infectious diseases in prisons and other detention facilities. We discussed Arizona laws mandating infectious disease reporting, and reviewed the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule as it applies to public health activities in correctional settings. 

Infectious disease reporting in correctional facilities

Because communal living in correctional facilities intensifies the threat of infectious diseases, reporting outbreaks to state public health agencies is a top priority. All states have laws dictating reporting requirements for correctional facilities, and these laws or regulations list specific diseases and timelines for reporting to the appropriate public health authority. Diseases such as tuberculosis and HIV are a constant concern; however, recent outbreaks in Arizona and California have highlighted two less common diseases: Valley Fever and Botulism. 

Valley Fever is a flu-like illness caused by an airborne fungus. Though symptoms are usually mild, Valley Fever can result in death — as it has for dozens of inmates in California prisons. To ensure inmate and personnel safety, the prisons transferred hundreds of inmates from affected locations and took steps to reduce dust to diminish the spread of the fungus. Concerned that these actions are insufficient, inmate representatives are arguing for more transfers or closure of the most affected prisons, and the issue is currently under review in federal district court. Treatment for inmates with Valley Fever costs California an estimated $23 million annually. 

Botulism — a rare and potentially fatal illness caused by the bacterium Clostridium botulinum — has become an issue in Arizona and Utah prisons. Eight inmates in each state were treated for the disease in 2011 and 2012. Symptoms begin with blurred vision, dry mouth and difficulty swallowing and breathing, but the disease can lead to paralysis and death.  In both states, the outbreaks were traced back to the ingestion of ‘pruno,’ a homemade alcoholic drink common in prisons.  Brews made from potatoes were found to be the likely cause of the botulism outbreak; as a result, some prison kitchens now ban potatoes. 

HIPAA Privacy Rule and infectious disease reporting

The HIPAA Privacy Rule has important implications for correctional health care and disease reporting. All covered entities (health care providers, health plans, and health care clearinghouses) and their business associates must comply with the Privacy Rule, which  generally requires prior patient authorization for use and disclosure of protected health information (PHI) that is not related to standard healthcare transactions (treatment, payment, or healthcare operations). Correctional facilities, which include detention centers and halfway houses, may use or disclose PHI without authorization if 1) it is necessary to provide healthcare to the inmate; 2) to protect the health or safety of inmates, officers, and employees transporting the inmate; and 3) for administrative, security, safety, or to maintain order in the facility. 

Most importantly, the HIPAA Privacy Rule does not prevent infectious disease reporting to a federal, state, tribal, or local public health authority. By law and regulation, these entities are permitted to conduct surveillance, control disease, and prevent injuries. Some well-known public health authorities include the Centers for Disease Control and Prevention (CDC), state departments of health, and local health departments. Correctional health care providers reporting diseases to a public health authority, in compliance with state reporting laws, are not violating the HIPAA Privacy Rule. 

This blog post was prepared by Veda Collmer, J.D., Robert Wood Johnson Foundation Visiting Attorney at the Network for Public Health Law - Western Region, and Susan Hicks, J.D. Candidate and research assistant with the Public Health Law and Policy Program at the Sandra Day O’Connor School of Law at Arizona State University.

The Network for Public Health Law provides information and technical assistance on issues related to public health. The legal information and assistance provided in this document does not constitute legal advice or legal representation. For legal advice, readers should consult a lawyer in their state. The views expressed in this post do not represent those of the Robert Wood Johnson Foundation.

blog comments powered by Disqus