Mental and Behavioral Health — Corrective action / RA

Full description

Navigate to: HIPAA for Professionals Regulatory Initiatives Privacy Summary of the Privacy Rule Guidance Combined Text of All Rules HIPAA Related Links Security Security Rule NPRM Summary of the Security Rule Security Guidance Cyber Security Guidance Breach Notification Breach Reporting Guidance Reports to Congress Regulation History Compliance & Enforcement Enforcement Rule Enforcement Process Enforcement Data Resolution Agreements Case Examples Audit Reports to Congress State Attorneys General Special Topics Parental Access Mental and Behavioral Health Change Healthcare Cybersecurity Incident FAQs HIPAA and COVID-19 HIPAA and Reproductive Health HIPAA and Final Rule Notice HIPAA and Telehealth HIPAA and FERPA Research Public Health Emergency Response Health Information Technology Health Apps Patient Safety Covered Entities & Business Associates Business Associate Contracts Business Associates Training & Resources FAQs for Professionals Other Administrative Simplification Rules Substance Use Disorder Confidentiality Information Related to Mental and Behavioral Health, including Opioid Overdose At times, health care providers need to share mental and behavioral health information to enhance patient treatment and to ensure the health and safety of the patient or others. Parents, friends, and other caregivers of individuals with a mental health condition or substance use disorder play an important role in supporting the patient’s treatment, care coordination, and recovery.The HIPAA Privacy Rule is designed to protect the privacy of all of an individuals’ identifiable health information and to ensure that health information is available when needed for treatment and other appropriate purposes. Given the sensitive nature of mental health and substance use disorder treatment information, OCR is providing this guidance addressing HIPAA protections, the obligations of covered health care providers, and the circumstances in which covered providers can share information—as applied to this context.This page is intended to be a one-stop resource for guidance and other materials on how HIPAA applies to mental health and substance use disorder information. It will be periodically updated with additional information.Fact SheetsHIPAA Helps Caregiving ConnectionsInformation for patients with a mental health condition or substance use disorder, family and friends of these patients, and mental health professionals with a patient who may be a danger to themselves or others.HIPAA Helps Mental Health Professionals to Prevent HarmHIPAA Helps Family and Friends Stay Connected with Loved Ones Who Have a Substance Use Disorder, including Opioid Abuse, or a Mental or Behavioral Health ConditionWhen can I obtain treatment information about my loved one? (decision chart)If You Experience a Health or Mental Health Crisis, HIPAA Helps Your Doctors, Nurses, and Social Workers to Reconnect You with Family, Friends, and CaregiversHow HIPAA Allows Doctors to Respond to the Opioid CrisisWhen Your Child, Teenager, or Young Adult has Mental Illness: What Parents Need to Know about HIPAAAm I my child's personal representative under HIPAA?When may a mental health professional use professional judgment to decide whether to share a minor client’s treatment information with a parent?When can parents access information about their minor child’s mental health treatment? (Decision Chart)HIPAA Privacy Rule and Sharing Information Related to Mental HealthThis guidance addresses some of the more frequently asked questions about when the Privacy Rule permits a health care provider to share the protected health information of a patient who is being treated for a mental health condition. The Rule is carefully balanced to allow uses and disclosures of information—including mental health information—for treatment and certain other purposes with appropriate protections. The mental health guidance addresses three core areas:How information related to mental health is treated under HIPAA;When information related to mental health may be shared with family and friends of an individual with mental illness, including parents of minors; andThe circumstances in which information related to mental health may be disclosed for health and safety purposes.Guidance on Responding to an Opioid OverdoseHHS Office for Civil Rights has released guidance on when and how healthcare providers can share a patient’s health information with his or her family members, friends, and legal personal representatives when that patient may be in crisis and incapacitated, such as during an opioid overdose.HIPAA and Personal Representatives for Adults and MinorsHIPAA recognizes that some patients (including those with a mental illness or substance use disorder) may be unable to make their own health care decisions, including decisions related to health information privacy. HIPAA provides personal representatives of a patient with the same rights to request and obtain health information as the individual, including the right to obtain a complete medical record under the HIPAA right of access.Parents of minor children (typically under age 18) are generally the personal representatives of their children. State law addresses the age at which a minor child may consent to certain types of health care and may contain additional requirements related to disclosing a minor’s health information to parents (or withholding it).HIPAA also allows a health care provider to determine, based on professional judgment, that treating someone as a patient’s personal representative for HIPAA purposes would endanger the patient, and to refuse to treat the person as a personal representative under those circumstances. This applies whether the patient is an adult or a minor child.Mental Health FAQ’sOCR has organized certain FAQ’s related to handling mental health information under HIPAA in two easy-to-access PDFs.HIPAA Privacy Rule and Sharing Information Related to Mental HealthAdditional FAQs on Sharing Information Related to Treatment for Mental Health or Substance Use Disorder—Including Opioid AbuseSubstance Use Disorder Treatment RecordsThe protected health information of individuals who receive substance use disorder treatment in federally assisted programs is subject to additional confidentiality protections under 42 USC 290dd-2 and 42 CFR part 2 (collectively, “Part 2”). Find more information about Part 2. Content last reviewed February 13, 2026