Yes. The same consent rules apply whether the services are provided on or off- campus and whether the provider is required to comply with HIPAA or FERPA confidentiality laws. Under California law, minors of any age may consent to both sexual assault services and pregnancy-related health care (including contraception, pregnancy testing, prenatal care, abortion and postnatal care), and minors 12 and older may consent to care related to prevention, diagnosis, and treatment of sexually transmitted diseases. Minors 12 and older may also consent to MH counseling in many cases. A clinic or school cannot adopt a policy that requires obtaining parent consent for these services, as such a policy would conflict with state constitutional and statutory law. (See Covered Entities in Additional Resources.)
HIPAA/CA: If the records are subject to HIPAA and CMIA, the health provider cannot disclose information or share records related to minor consent services provided to the student without obtaining written authorization from the student on a HIPAA/CMIA-compliant authorization form.123
FERPA: If the records are within an education file subject to FERPA, the parent may access the information for students under age 18. Generally, a parent has the right to review their minor child’s education record. FERPA does not obligate the school or school employed health provider to affirmatively notify parents of any services delivered, however. If a provider believes that disclosing records may put a student in danger, the provider should contact legal counsel.
It depends. If a school nurse, or another health provider subject to FERPA, documents minor consent information, this becomes part of the education file and is subject to FERPA.
Information in the education file of a student 18 and younger can always be disclosed to the principal with parent consent. Absent parent consent, FERPA permits a school to disclose information in the education record to other school officials as long as the school official has a legitimate educational interest in the information.124 A principal is a school official, but the principal can only access the information if the principal has a legitimate educational interest in the information. FERPA requires schools to include in their annual notices to parents a statement indicating whether the school has a policy of disclosing information from the education file to school officials, and, if so, which parties are considered school officials for this purpose and what the school considers to be a “legitimate educational interest.”125
For the most part, no. The records of health providers operating under FERPA are part of the education record, and parents have a right to inspect the education record of their minor child if they choose to do so.126
There is no exception under FERPA that limits parent inspection rights simply because the information in the record pertains to health care services, with one caveat. Parents usually do not have the right to inspect health information in the education record of students eighteen and older, though there are exceptions to this rule as well.127
It is important to note, however, that to the extent the school health provider holds information that is not in the education record, (such as information from a conversation that was not recorded), the information would not be subject to FERPA.
State law requires school officials to excuse students from school to attend confidential medical appointments. Confidential appointments are appointments to receive services that minors can obtain on their own consent under state or federal law. This includes the mental health and sexual and reproductive health services described in Covered Entities in Additional Resources. The school cannot require that the student have parent or guardian consent in order to attend the appointment and cannot notify parents or guardians when students choose to leave for an appointment during the school day.128 For more information on confidential medical release, including implementation and documentation of absences, please see National Center for Youth Law’s “Confidential Medical Release: Frequently Asked Questions from Schools and Districts”, available at www.teenhealthlaw.org.
If a school-based provider is subject to FERPA, the provider cannot promise that a parent will not be able to access SRH information documented in the education file. Providers subject to HIPAA and CMIA, however, can promise patients additional confidentiality
protections. For some students, this guarantee of confidentiality is critical. These students may choose not to access needed care if confidentiality cannot be guaranteed. In these cases, the provider whose records are subject to FERPA may wish to consider referring the student to a provider operating under HIPAA, and confidential medical release is one mechanism the student can use to make such an appointment possible.