• E-mail
• Print
• RSS

How do you limit patient access to the laboratory reports in a patient record?

HIPAA Weekly Advisor, March 21, 2003

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

Q: How do you limit patient access to the laboratory reports in a patient record?

The Clinical Laboratory Improvements Act (CLIA) says that labs in our state can only perform tests ordered by an authorized clinician or health care provider, and you can only disclose test results to that clinician or provider. What do you do when patients demand to see their medical records with lab results mingled throughout?

A: When patients request access to their medical records or designated record sets held by ordering clinicians, they are permitted under CLIA to see those test results. CLIA just prevents the LABS from releasing the results, because the clinician is presumed to be the more appropriate person and has a direct relationship with the patient. In that way, if lab results are likely to have a profound impact, the clinician can discuss those results with the patient as they are released.

Even then, under HIPAA, the clinician may prevent access to specific information (I don't know if lab results themselves would ever fall under this exception. that's a professional judgment question) under limited circumstances, such as serious danger to the patient. Affected covered entities should be sure to have a documented procedure for addressing this situation before it arises.

Editor's note: Answered by Kate Borten, CISSP, president of The Marblehead Group, in Marblehead, MA, and excerpted from the April 2003 issue of Briefings on HIPAA. This is not legal advice. Be sure to consult with your facility's legal counsel for legal matters.

Want to receive articles like this one in your inbox? Subscribe to HIPAA Weekly Advisor!

• E-mail to a Colleague
• Print
• RSS
• Archive