The Children and Youth Behavioral Health Initiative (CYBHI) recently released a toolkit detailing two federal data privacy laws — the Family Educational Rights and Privacy Act (FERPA) and the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule — and how they might apply in different school behavioral health partnerships in California.
The toolkit, Navigating HIPAA and FERPA for Integrated School Behavioral Health Services, outlines key issues when considering student privacy to maintain confidentiality and build trust, and outlines the importance of information-sharing to facilitate and coordinate care.
Authors note that while the toolkit focuses on two federal laws, it was written with California-specific laws and context in mind, highlighting state efforts such as the CYBHI, the Fee Schedule Program and the California Community Schools Partnership Program, which have helped to strengthen relationships between local educational agencies, behavioral health agencies and providers, and other community partners.
“These collaborations aim to improve behavioral health services available at and through schools, ensuring that children, youth, and their families can better access the support they need,” the toolkit states. “Effective school-behavioral health partnerships create opportunities for prevention, early intervention, timely referrals, and comprehensive service delivery. This coordinated approach helps ease burdens on children, youth, and families while improving care across systems.”
However, for partnerships to succeed, health officials noted that it is necessary for LEAs and their partners to “establish clear policies and protocols that consider the importance of information-sharing to facilitate and coordinate care, and the importance of privacy to maintain confidentiality and build trust between children, youth, families, and the professionals who support them, including school staff and health care providers.”
Understanding how to navigate FERPA and HIPAA, which set boundaries regarding how, when and with whom information may be shared, can be challenging, but is vital to supporting students and families.
In many ways, FERPA and HIPAA are similar. However, there are some important differences that administrators, practitioners and others must be aware of. In addition to defining these laws, the toolkit provides checklists and several hypothetical case examples to show how these laws can apply to LEAs depending on the network design — how services are provided and funded within a partnership — and how that can shape policy and practice.
“Building a collaborative system of behavioral health care for children, youth, and families in California takes time, dedication, and shared commitment between education and health partners,” according to the toolkit. “By focusing on shared goals, partners can ensure that families get the care they need while respecting their privacy and following confidentiality laws. As a leader in this effort, you have the ability to break down barriers and create more connected systems.”
