Over the last few weeks, a few articles of mine addressed interacting with government agents. One topic that I did not discuss was determining whether you can, should, or must share information with the government.
Unfortunately, it’s not possible to definitively answer that question for every topic, even in a book chapter, let alone in this article. In fact, I don’t know the answer for every possible scenario that might arise. I’ve dealt with the Nuclear Regulatory Commission, but I haven’t interacted with the Treasury Department or Secret Service, for example.
I don’t know that anyone knows the full authority of every single government agency, but I do know the basic principles that one can and should apply when a government agent requests information.
Threading this needle is hard. You may remember the story of a clinic that was visited by an individual demanding to photograph the clinic’s durable medical equipment (DME) inventory. The receptionist, fearful of breaching the Health Insurance Portability and Accountability Act (HIPAA), refused to allow the agent into that area. As a result, the clinic failed its DME survey and lost its DME number for two years.
But lest you think “when in doubt, grant access,” don’t forget about the hospital that provided a copy of a medical record to a local police agency, only to face a successful lawsuit from the patient for breaching confidentiality.
Knowing that I, a lawyer with three decades of experience, don’t know the answer to all these questions, what should you tell a receptionist working their first job about how to handle interactions with folks from the government?
The answer is to do four very simple things.
First, be polite. This is a good principle in every situation. At times you might need to be firm, but firm is not inconsistent with polite. Kindness can get you through a lot of challenging situations.
Second, openly acknowledge a dilemma. Saying “we always like to provide information when we’re able, but we have to be careful to be sure we’re protecting patient confidentiality as necessary” is entirely accurate, and will help the requestor understand that you’re not merely being obstructionist. Ask the agent to provide the legal authority on which they are relying. Humility is a close relative to kindness; openly admitting your desire to “do the right thing” and the legal ambiguities associated with sharing information that the law often protects will earn goodwill from most well-intentioned agents.
Third, recognize you can’t un-ring the bell. Once information is given out, there’s really no way to get it back. For that reason, it makes sense to err on the side of declining to provide information, at least initially. It does augment the risk you’ll wind up like the poor clinic losing its DME number.
But it’s the fourth and final step that will really minimize risk. Get legal on the horn immediately. Other than a search warrant, I don’t know of a situation in which an agent has a right to access within a few minutes. The U.S. Department of Health and Human Services Office of Inspector General (HHS OIG) has the right to “immediate access” to records, but “immediate access” is defined as within 24 hours. Requests from the government for information are rare enough that they can universally be considered worthy of a call to counsel. When government agents show up at one of my clients, I expect to be pulled away from whatever I’m doing. It doesn’t happen often, but when it does, it’s important. Making a government agent wait for a few minutes while you confirm it is permissible, and totally reasonable.
You may want to stash away a copy of Hall and Oates’ “X-Static” album, so you can play the single “Wait For Me” as you work through the legal minefield. As they sing, “I guess that’s more than I should ask, but won’t you wait for me.
Please wait for me.” If you are kind enough as you do it, odds are that they will!
