If you signed your Estate Plan, whether it included a Will, a Trust, a Power of Attorney or an Advance Medical Directive (“Estate Plan”) before April 2003, or if you used a form from a book your brother-in-law gave you, or filled in the forms on a computer program you purchased for $19.99, you should review your Estate Plan.

Both tax and privacy laws have changed recently, so that your Estate Plan or Form Documents may not include these recent changes. Also changes in your family situation may affect your Estate Plan.

You may have wondered if the Health Insurance Portability and Accountability Act (known as “HIPAA”) does affect your Estate Plan, especially your Power of Attorney and your Advance Medical Directive (“AMD”). If you have not thought about this issue, then you should. HIPAA does affect these documents and may bar certain intended recipients from obtaining certain medical information about you.

Healthcare providers are prohibited by both state and federal statutes (“Privacy Statutes”) from disclosing an individuals protected health information (“PHI). Although it may seem burdensome and time consuming for you to read these privacy notices you receive from your doctor and hospital; believe it or not the Privacy Statutes are for you protection. The primary purpose of these Privacy Statutes are to protect your privacy and information. As such it is intended to restrict unauthorized or unitended recipients from receiving or accessing your PHI which includes both medical and personal information.

Unfortunately, that protection maybe the reason that your Agent, Trustee, Personal Representative (“Fiduciary”) named in your Estate Plan, or family member, may not be able to receive your PHI necessary to carry out the direction in your Estate Plan or discuss your medical condition and treatment with your physicians.

Your Fiduciary named in your Estate Plan is often the person authorized to act on your behalf upon your mental or physical capacity, but if your Estate Plan does not comply with the Privacy Statutes, then your physician may not be able to share your PHI and care with the Fiduciary or family member.

These Privacy Statutes provide a litany of permissible disclosures and recipients of a patients PHI. Because there is a similar legislation enacted under both Virginia and Federal legislation, it is somewhat confusing for the healthcare provider to determine which privacy rules they must follow. For instance HIPAA allows for disclosure to a patient’s Personal Representative whereas in a addition to a Personal Representative for a deceased person Virginia law allows for disclosure to an agent appointed under the patient’s Advance Medical Directive (“AMD), or certain family members if there is no Personal Representative. A Personal Representative for HIPAA is a person who under applicable law has authority to act on behalf of an individual in making decisions related to healthcare. Thus, it appears that an agent named in your AMD, Personal Representative who qualifies under your Will or select family members, if not Personal Representative who qualifies under your Will or select family members, if no Personal Representative qualifies for the deceased, may access your PHI.

The Privacy Statutes do not refer to nor mention other agents or fiduciaries such as an Agent named pursuant to a Durable Power of Attorney or a Trustee named in a revocable Trust. These Agents and Trustees will have a problem in that they may need a physician’s letter to provide to a third party to evidence that they have the authority to act. The problem is that your physician may not discuss your medical condition without an AMD with your Agent or Trustee. Therefore, without access to your PHI  your Agent or Trustee may be powerless to carry out their duties on your behalf.

We recommend that you specifically refer in your Estate Plan the authority for your Fiduciaries to act as your agent for HIPAA and privacy purposes. So what should you do to fix this ailment in your Estate Plan?There are some simple solutions that you can remedy the problem with your Estate Plan.

First, you should review, or have someone review for you, your Estate Plan now.

Second, if you find that the Estate Plan does not provide the necessary authority to your Fiduciary to access your PHI, you can amend your Estate Plan or execute an Authorization form to name your Fiduciaries as your agent for HIPAA and Privacy Statute purposes.

Third, you should review your Estate Plan regularly, yearly and upon a life cycle event.

The next time you visit your physician or receive a privacy notice from your insurance company or health care provider, this should be a reminder for you to review your Estate Plan.


This article does not constitute legal advice.  Readers should consult their legal advisors prior to acting on any information set forth in this article.

Circular 230 Disclosure: This communication is not a tax opinion, and does not constitute tax advice. Pursuant to Internal Revenue Service regulations, this communication is not intended or written to be used by a taxpayer for the purposes of avoiding tax penalties that may be imposed on the taxpayer.