MYTH: Health care providers must obtain parent consent under HIPAA to share child vaccination records with a state immunization registry
FACT: HIPAA does not prevent health care providers from sharing child immunization data with the state, but state law may allow parents to opt-out of sharing their child’s information.
Vaccine registries – or immunization information systems (IIS) –are now being used in all 50 states and the District of Columbia. These systems keep a record of all immunizations given to children, and some states also collect data on adult immunizations. While some states do allow parents to opt-out of sharing this information with a registry, HIPAA itself does not prevent providers from sharing patient immunization information, even if a parent does not provide consent. To learn more about HIPAA's role in relation to vaccine registries, please read our Myth Buster below.
Enter the password to open this PDF file: