Nice to see you back Kiddo. Am I correct in that this applies to those medical derogs posted AFTER the full compliance requirement goes into effect. For that matter, I know it was extended, but extended to when? ??? snort
I don't mean to cut into your thread, but you two (charlie and you), are sooooooooooooo bad. LOL................
he he he, So much for privacy (pun intended HIPAA, LOL) eh, charlie? The nightowls are up!!!!!!! IF the filed for an extension Butch, he next deadline (last) is April 13, 2002. A lot of providers, based only on my surfings and lurkings, are only now taking it seriously and won't make it. HIPAA was made into law two years ago. Providers were given two years to become compliant with this law. Many providers have chosen to ignore the warnings. The time to file for an extension has come and gone; it's not even an option anymore and the website has been removed. Announcements have been made that the standards will be enforced (read FINES) and claims will go unpaid for those not in compliance by the deadline. Nurse Sassy
Are you saying that insurance co's will not pay? Will the provider try to go after us then for payment? I'm wondering if the provider's noncompliance with the law will result in OUR having to pay up when the Ins. co's refuse. Also, as this applies to collections, is it retroactive to cover those already placed and reported? Radi8
LOL George, Nawwwwwww, I didn't mean hippo, I COULD mean hippo though. Only if you're gonna play the zoo keeper though while Dr. Charlie is working on Marc's feet ;-) Sassy
Question about this one. The collection agency reporting my medical bill HAD the old bill. I called and requested validation(before I found this site!!) and they sent it to me within 5 days. When I was speaking with the billing manager with the hospital she even had to call the CA to get a copy of the bill because she couldn't find one! Can they do that?
A bill alone isn't validation, live and learn on that one, for me too!!!!!!!! I think, given the same situation, I would then request a copy of my written authorization allowing my medical record to be shared with a third party. It depends too on your state's privacy laws, here's a link that gives a summary of each state, then you have to go hunt up the specifics in your state's statutes: http://www.epic.org/privacy/consumer/states.html Sassy
Physician-Patient Privilege Regarding Health Care Information Forty-two states recognize the doctrine of physician-patient privilege. This privilege belongs to the patient, not the physician; it may be claimed by the patient, a guardian or conservator of the patient, the personal representative of a deceased patient, or the physician, but only on behalf of the patient. The physician-patient privilege is an evidentiary rule that prevents the disclosure in court proceedings of information obtained from physician-patient interaction for the purpose of diagnosing or treating the patient. The privilege, and therefore the protection, may be waived by the patient expressly to allow the physician to testify, or it may be considered to be waived in certain circumstances, such as the hospitalization of a patient in a psychiatric facility, a court ordered examination of the patient, or when the patient's condition is at issue (as in a malpractice suit). The District of Columbia, however, absolutely prohibits the use of medical records or testimony in local court proceedings without the consent of the patient. The scope of the privilege varies from state to state. Some states limit the privilege to communications between patients and physicians; others, such as Oklahoma, include psychotherapists; Colorado's privilege rules also cover registered professional nurses; Illinois' Medical Patient Rights Act includes all public and private inpatient and outpatient health care facilities. Statutes delineating health care provider-patient privilege may include exceptions when the privilege does not apply. The physician-patient privilege in New York has several statutory exceptions. These include, among others, health care providers who must disclose information that a patient under the age of sixteen has been the victim of a crime, the reporting of gunshot or knife wounds, communicable disease reporting, and reporting of addicts or habitual users of narcotic drugs. Alabama is one of the few states that does not recognize the physician-patient privilege; medical records are subject to subpoena and admission in court. In addition to any statutory penalties (discussed below, Penalties for Impermissible Disclosure of Health Care Information) physicians who intentionally betray a professional secret or violate a privileged communication, except as otherwise provided by law, can be subject to professional sanctions (e.g., Arizona).
This was posted by LKH in a previous thread, it's worth repeating though. Didn't any of you guys see this? I posted it a couple of weeks ago regarding a similar medical records situtation. It is long. Patient Confidentiality E-Mail Story Print Story Bookmark Page Patient Confidentiality Physicians have always had a duty to keep their patients' confidences. In essence, the physician's duty to maintain confidentiality means that a physician may not disclose any medical information revealed by a patient or discovered by a physician in connection with the treatment of a patient. In general, AMA's Code of Medical Ethics states that the information disclosed to a physician during the course of the patient-physician relationship is confidential to the utmost degree. As explained by the AMA's Council on Ethical and Judicial Affairs, the purpose of a physician's ethical duty to maintain patient confidentiality is to allow the patient to feel free to make a full and frank disclosure of information to the physician with the knowledge that the physician will protect the confidential nature of the information disclosed. Full disclosure enables the physician to diagnose conditions properly and to treat the patient appropriately. In return for the patient's honesty, the physician generally should not reveal confidential communications or information without the patient's express consent unless required to disclose the information by law. There are exceptions to the rule, such as where a patient threatens bodily harm to himself or herself or to another person. The AMA's ethical guidelines are not binding by law, although courts have used ethical obligations as the basis for imposing legal obligations. Moreover, maintaining patient confidentiality is a legal duty as well as an ethical duty. A physician's legal obligations are defined by the U.S. Constitution, by federal and state laws and regulations, and by the courts. Even without applying ethical standards, courts generally allow a cause of action for a breach of confidentiality against a treating physician who divulges confidential medical information without proper authorization from the patient. Despite these ethical and legal obligations, access to confidential patient information has become more prevalent. Physicians in integrated delivery systems or networks now have access to the confidential information of all the patients within their system or network. Confidential information also is disseminated through clinical repositories and shared databases. Sharing this information allows patients to be treated more efficiently and safely. The challenge for physicians is to utilize this technology, while honoring and respecting patient confidentiality. What Is a Breach of Confidentiality? A breach of confidentiality is a disclosure to a third party, without patient consent or court order, of private information that the physician has learned within the patient-physician relationship. Disclosure can be oral or written, by telephone or fax, or electronically, for example, via e-mail or health information networks. The medium is irrelevant, although special security requirements may apply to the electronic transfer of information. The legal basis for imposing liability for a breach of confidentiality is more extensive than ethical guidelines, which dictate the morally right thing to do. Although current law in this area has been referred to as "a crazy quilt of state and federal law," protecting patients' confidentiality is the law of the land. Included in the patchwork are federal and state constitutional privacy rights, federal and state legislation and regulation governing both medical records and licensing, and specific federal and state legislation designed to protect sensitive information (e.g., HIV test results, genetic screening information, mental health records, and drug and alcohol abuse rehabilitation information). Patient Consent to Release Confidential or Privileged Information The general rule regarding release of a patient's medical record is that information contained in a patient's medical record may be released to third parties only if the patient has consented to such disclosure. The patient's express authorization is required before the medical records can be released to the following parties: patient's attorney or insurance company; patient's employer, unless a worker's compensation claim is involved; member of the patient's family, except where the family member has been appointed the the patient's attorney under a durable power of attorney for health care; government agencies; and other third parties. Some state laws expressly allow disclosure to any person upon consent of the patient. Other state laws permit release on patient consent only to specified classes of persons. Further, once the patient has given consent to release the record, the disclosure requirement may be mandatory for the holder of the medical record or merely permissive. Managed care organizations (MCO) frequently require members to sign a general release form on enrollment in the plan. These forms authorize the release of medical information to the MCO. Typical language used in a release might be "that any provider may furnish the MCO such medical information as may be required and that the member acknowledges the MCO's right to conduct a professional utilization review program of health services and to coordinate benefits and/or reimbursements with other health or insurance programs." Before forwarding medical records to an MCO, utilization review programs or other health programs, physicians, hospitals, and others should get a signed copy of the patient's release of medical records. Who Can Consent to the Release? Who may grant permission to release medical record information is likewise governed by state law. Generally, the authority to release medical information is granted to: (1) the patient, if a competent adult or emancipated minor; (2) a legal guardian or parent if the patient is incompetent or a minor child; and (3) the administrator or executor of the patient's estate if patient is deceased. The patient's right to authorize release of medical records is codified in many state statutes. These statutes all state that medical records are confidential and cannot be disclosed, except in specifically provided circumstances. However, the extent of the patient's right to access varies from state to state. Some states allow the health care professional or provider to determine patient's right of access. In comparison, some states expressly grant patients access to the medical information contained in their medical records. What Has to Be in the Release? Typical elements of a valid general release include: Patient's name and identifying information; Address of the health care professional or institution directed to release the information; Description of the information to be released; Identity of the party to be furnished the information; Language authorizing release of information; Signature of patient or authorized individual; and Time period for which release remains valid. Some state laws add other elements, such as specifying on the form the reasons for disclosure or a caveat that the authorization may be revoked. Failure to get the appropriate release for medical records may have serious results. Twenty-one states punish disclosure of confidential information by revoking a physician's medical license or taking other disciplinary action. Implied Consent and Public Policy Exceptions or Required Disclosures A patient's consent to disclosure of confidential information contained in a medical record may also be implied from the circumstances. For example, medical personnel directly involved in a patient's care or treatment generally have access to the medical record. Even if the patient has not expressly authorized disclosure of his or her medical record, such consent is implied from the patient's acceptance of treatment or hospitalization. Consent is also implied when a patient is transferred from one health care practitioner or facility to another. In such circumstances, disclosure of confidential patient information may be necessary to ensure continuation of patient care or treatment. state and federal statutes may also authorize or require disclosure of medical records to health care professionals or providers involved in the patient's treatment or upon transfer of the patient from one facility to another. ____________________________ The Kid is gone, I am back.
Continued......... BTW -the website is: http://www.ama-assn.org/ama/pub/category/4610.html Safeguarding patient confidences also is subject to certain exceptions that are ethically and legally justified because of overriding social considerations. If there is a reasonable probability that a patient will inflict serious bodily harm on another person, for example, the physician should take precautions to protect the intended victim and notify law enforcement authorities. Communicable diseases and gunshot and knife wounds should be reported as required by applicable statutes or ordinances. Thus, the physician's duty of confidentiality at times must give way to a stronger countervailing societal interest. General Management Safeguards and Security Tips Physicians should have their contracts with system vendors, consultants, and all health care providers participating in a data repository reviewed by an attorney. They should also have comparable confidentiality and security policies; implement security controls over sensitive patient information (e.g., HIV status, pregnancy termination, and history of mental health problems or drug and alcohol abuse); maintain good system security; and train staff and secure agreements concerning confidentiality and security. It is also advisable to have security experts periodically assess the security of the clinical data repository and require that users who access the information sign appropriate user agreements. Physicians should set up office procedures to prevent the release of medical records without a copy of the patient's release. The system could be as simple as attaching an office form to any request for medical records. The form would have a checklist indicating date of receipt of the request, date of receipt of the copy of the patient's release form, and date that the medical records were authorized to be sent to the requester. Why Protecting Patient Confidentiality Is Still Important Ethics and laws regarding confidentiality evolved long before the information highway was envisioned. The old laws and ethical precepts do not always fit neatly with today's computerized systems. Given the difficulties with compliance, some physicians and networks have only paid lip service to protecting patient confidentiality. This approach is short-sighted and unwise. The law will gradually catch up with the new system and seek to protect confidential patient information. In the interim, physicians should attempt to protect information to the extent possible and to comply with the "crazy quilt" of federal and state laws. Physicians should inform patients of the limits of confidentiality protections and allow the patients to decide whether treatment outweighs the risk of the disclosure of sensitive information. A patient expects to have his or her privacy respected by the physician and should not be disappointed. If a record must be released, the patient should sign an appropriate release authorizing the disclosure of information in the medical record. General releases will not suffice for records containing HIV or other sensitive material. Physicians should become familiar with laws involving the duty to maintain confidentiality. Any breach in confidentiality--even one that seems minor--can result in mistrust and, possibly, a lawsuit and/or disciplinary action. -------------------------------------------------------------------------------- Prepared by the American Medical Association, Office of General Counsel, Division of Health Law Copyright 1998 American Medical Association ____________________________ The Kid is gone, I am back.
Sassy, You're awesome. Finding other legal crowbars for medical collections on your credit report! Medical collections seem to outnumber any other kind of collections far and away.
I found this on this web page: http://www.calcollectors.net/financialpriv.htm Q: Does the rule prevent reporting to consumer credit reporting agencies or otherwise create any conflict with the Fair Credit Reporting Act (FCRA)? Â A: No. The Privacy Ruleâ??s definition of "payment" includes disclosures to consumer reporting agencies. These disclosures, however, are limited to the following PHI about the individual: name and address; date of birth; social security number; payment history; account number. In addition, disclosure of the name and address of the health care provider or health plan making the report is allowed. The covered entity may perform this payment activity directly or may carry out this function through a third party, such as a collection agency, under a business associate arrangement. We are not aware of any conflict in the consumer credit reporting disclosures permitted by the Privacy Rule and FCRA. The Privacy Rule permits uses and disclosures by the covered entity or its business associate as may be required by FCRA or other law. Therefore, we do not believe there would be a conflict between the Privacy Rule and legal duties imposed on data furnishers by FCRA.
