Ohio Public Records Briefing - Issue #7
Public records as zombies, HIPPA, and THE Ohio State University - this issue has it all!
Welcome to the seventh issue of the Ohio Public Records Briefing! You read the subheading right - we’re talking about zombies as they apply to public records, plus a whole host of more fun! Let’s dive in.
Fun Fact
HIPAA is not an exception to Ohio’s Public Records Act.
Have you ever heard of HIPAA? It’s the Health Insurance Portability and Accountability Act, a federal law that regulates how medical providers have to keep patient records private.
Odds are you’ve heard someone say that something isn’t a public record because it’s protected by HIPAA. Turns out that person is wrong because (we’ll say it again!) HIPAA is not an exception to Ohio’s Public Records Act.
We’ve said it a few times just in this edition, but the Ohio Supreme Court said it first!
Now, in recent years the Ohio General Assembly has added a few exceptions that function a little like HIPAA. But largely those exceptions either apply only to certain people (e.g., first responders) or to body camera footage. The Public Records Act also has its own medical records exception that protects some of the same kinds of records HIPAA would.
So, if you want to win a bar bet that doesn’t involve sports, bet a fellow public records enthusiast that HIPAA is not an exception to the Ohio statute. Then eagerly claim your winnings!
Things You Should Know, But Might've Forgotten
Once a record is public it will always* remain public.
Let us explain. Say you asked your attorney for an opinion on a policy question about a specific case. Then, one day, Lucille Bluth submits a public records request asking for any emails about that case. Let’s assume here that she made an appropriate request, and it wasn’t overbroad. Along the way, you also decide to release an attorney/client privileged email that provides legal advice about the case from your agency’s lawyer.
So, when Bob Loblaw requests all the emails about that same case, you might think – I’m too smart for this! I’m going to send him all the emails except the attorney/client privileged ones because attorney/client privileged material is exempt from release. Well, we have some bad news for you – you can’t do that.
Once a record is made public, it stays a public record. This is true even if you could have used a valid exception or privilege to withhold it from the initial request. If you knowingly released attorney/client protected emails, reports that could have been protected under Confidential Law Enforcement Investigative Record (CLEIR) or other kinds of records, you’ve made those public records for anyone else who might ask for them. In releasing a record once, you’ve let the horse out of the barn or squeezed the toothpaste out of the tube. Whatever your favorite metaphor, there’s no going back.
* Anytime you’re dealing with lawyers, there’s usually going to be an asterisk. There’s an exception to what we say and here it is: Some public records that are public today might become private in the future if a court orders the records sealed or expunged. In that rare instance, things you’ve released before as public records will become exempt from release – in fact, it would be a crime to release it (sorta like what happened here). While the sealing of records has gotten somewhat broader in recent years, this is still a small exception.
Here’s another important point to remember for law enforcement. Nearly all the confidential records you have now at your agency will eventually become public with the passage of time (gasp!).
There’s a time limit on CLEIR – once the case is over, or closed, or it goes to trial, 99% of the documents that were previously not public because of CLEIR will become available to the public (some things like uncharged suspects can stay confidential forever but more on that in future issues).
What’s the TL;DR? Once a record becomes public, it remains public. If you break the seal, it’s public forever.
What’s that have to do with Zombies?