Remember these exceptions to HIPAA
HIM Connection, July 20, 2004
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Not all protected health information is treated the same under the privacy rule. Sometimes patients don't have the right to keep their information private. Your organization has the responsibility to release information regardless of whether a patient approves, because another law requires disclosure to a government or law enforcement agency.
Six reasons to release confidential information without authorization
- State health agencies require providers to report when patients have certain communicable diseases, even if the patient doesn't want the information reported.
- The Food and Drug Administration requires providers to report certain information about medical devices that break or malfunction.
- Some states require physicians and other caregivers who suspect child abuse or domestic violence to report it to the police.
- Police have the right to request certain information about patients to determine whether they are suspects in a criminal investigation or to assist them in locating a missing person, material witness, or suspect.
- The courts have the right to order providers to release patient information.
- Providers must report cases of suspicious deaths or suspected crime victims.
In all of these cases, make sure your organization complies with the law and reports all information when necessary. If reporting this information is part of your job, follow your facility's policy on what types of documentation to require of those requesting information. Never give out PHI without confirming that the person or agency requesting the information has a legal right to it.
This excerpt is adapted from the HIPAA Training Handbook for HIM Staff: Privacy, Security, and Patients' Rights under HIPAA.
Andrea Dickey
Editorial Assistant
adickey@hcpro.com
Want to receive articles like this one in your inbox? Subscribe to HIM Connection!
Related Products
Most Popular
- Articles
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- Catch up on what's new with injections and infusions
- Topic: CMS, OESS post new security compliance review information, checklist
- Capturing all necessary codes for IUD insertion and removal can be challenging
- HIPAA Q&A: Level of encryption needed for email
- What does case-mix index mean to you?
- QA:Coding multiple initial infusions
- News and briefs: Oklahoma Osteopathic Association against residency bill change
- OB services: Coding inside and outside of the package
- E-mailed
-
- Q/A: Volume requirement for reporting hydration services
- Featured blog post: Nurses face felony charges after reporting physician to the Texas Medical Board
- HIPAA Q&A: Level of encryption needed for email
- CMS has reformulated payments for some bilateral procedures
- Catch up on what's new with injections and infusions
- New conflicts of interest create new challenges
- Q/A. One injection code or two?
- What does case-mix index mean to you?
- Hospitals are not bound by InterQual criteria for determining patient status
- ED-to-inpatient transfers are flawed with safety gaps
- Searched