Understanding HIPAA and Your Church

It’s a pretty common situation. <i>A Pastor is asked to go to the hospital and pray for someone’s sick loved one, member of the congregation or not. He goes, and the patient, or the patient’s family, verbally explains the full nature of their illness to him for prayer purposes. At the next church service, the Pastor requests that the congregation add their prayers to his, and he reveals to them the specifics of the prayer request.</i>

Whether he knows it or not, the Pastor in the above example has just violated the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule, a federal law that protects individuals from having their personal health information disclosed without their written consent. The patient for whom the Pastor and his congregation are praying is within their rights to pursue disciplinary action against this church. Without church insurance, specifically General Liability Insurance, the church would be solely responsible for any fees associated with such a claim.

Although the insurance itself can be relatively expensive, free church insurance quotes are available. Churches can shop around for the best policy to meet their legal and financial needs, but General Liability Insurance should be viewed and planned for as a necessity. No church can afford to go without coverage for long. Because many people view their church as a safe haven where they can spill their private information, churches are in a high-risk category for violations of HIPAA.

So what does this mean for a Pastor or a congregation that strongly believes in prayer for healing the sick? Does it mean they can never pray again? No; it just means that no one, other than the affected party, may reveal the exact nature of the illness or malady. A request for prayer for “total healing” may be communicated without violating HIPAA, but a request for “total healing from kidney failure” may not. However, if your church has a prayer list that is regularly disseminated amongst the congregation, and the person writes down their request for prayer and chooses to disclose their illness, then they are free to do so, and the church is still free to distribute the prayer list in their usual way.

With or without insurance, the best policy is to view all health related prayer requests communicated verbally as confidential. Allowing people to reveal their own illness preserves accuracy and prevents speculation. It also helps preserve the church’s reputation for being a safe haven while protecting the church’s ability to continue as a house of prayer.

Scroll to Top