Q&A: You've got questions! We've got answers!
Physician Practice Insider, February 9, 2016
Submit your questions to Associate Editor Nicole Votta at nvotta@hcpro.com and we will work with our experts to provide you with the information you need.
Q: If an unaffiliated healthcare entity or practitioner requests protected health information (PHI) on a patient previously treated at our facility who is now being treated by the requestor, can we release this PHI without patient authorization? Our facility did not coordinate the visit or refer the patient to the requestor. The patient sought treatment there of his/her own accord. Would this fall under treatment, payment, and healthcare operations (TPO)?
A: The disclosure would fall under TPO. HIPAA does not require patient authorization for disclosures to other treating healthcare entities or practitioners for the purposes of TPO. It’s a good idea to pay attention to state privacy laws and other federal privacy laws, such as 42 CFR Part 2, if the PHI to be disclosed falls into the category of specially PHI that requires, pursuant to state or other federal law, you obtain authorization from the patient before disclosing the PHI.
You can adopt a practice requiring other practitioners or healthcare entities to obtain authorization from the patient before disclosing the PHI. This practice would be more stringent than HIPAA and is allowed. It is important not to view the more stringent practices as a HIPAA mandate.
Editor’s note: Chris Apgar CISSP, president of Apgar and Associates in Portland, Oregon, answered this question for HCPro’s Briefings on HIPAA newsletter. This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions.
Related Products
Most Popular
- Articles
-
- CMS seeks comment on quality measures
- Practice the six rights of medication administration
- Don't forget the three checks in medication administration
- Note similarities and differences between HCPCS, CPT® codes
- Nursing responsibilities for managing pain
- ICD-10-CM coma, stroke codes require more specific documentation
- OB services: Coding inside and outside of the package
- Q&A: Primary, principal, and secondary diagnoses
- Clearing up the confusion: CPT codes 76376 and 76377
- CMS creates web portal for questions about 1135 waivers, PHE
- E-mailed
-
- Coronavirus vaccination: 4 best practices for communicating with patients
- Grievances, Complaints, and Patients’ Rights
- Keyes Q&A: Generator lighting, fire dampers, eyewash stations, ISLM fire drills
- Including 46600 in E/M leveling systems
- How to get reimbursed for restorative nursing
- Fetal non-stress tests represent important part of maternal and fetal health
- Coding, billing, and documentation tips for teaching physicians, interns, residents, and students
- Coding tip: Know how to correctly code each procedure an otolaryngologist can perform on turbinates
- Coding Clinic reiterates guidelines for provider documentation
- CMS creates web portal for questions about 1135 waivers, PHE
- Searched