HEALTH CARE PRIVACY

Has someone you known ever been a patient at a hospital? Typically, friends and family will call the hospital and ask if the person remains a patient at the hospital and what that person’s “status” (critical, stable, etc.) is.

Has someone you known ever been so ill that she was unable to pick-up her prescriptions at the pharmacy? You probably helped her out by going to the pharmacy to pick-up the prescription for her.

But recent changes in the law – or, perhaps more accurately, the perception of health care professionals about recent changes in the law – may end these relatively common occurrences. As of April 14, 2003, health care providers and health plans are required to comply with the privacy regulations of the Health Insurance Portability and Accountability Act of 1996, commonly known as “HIPPA.” Those regulations are as confusing as the name of the Act they implement.

In fact, the regulations have caused so much confusion among health care professionals that the flow of vital health care information – even from doctor to doctor – has slowed to a virtual trickle. Much of the confusion arises out of misconceptions about the law; health care providers and plans simply do not know what health care information they can or cannot release.

The next time you or your doctor requests your health care information, you may be confronted with some of these misconceptions. The following are some common misconceptions and the truth behind those misconceptions:

Myth 1: One doctor’s office cannot send medical records of a patient to another doctor’s office without the express consent of the patient.

Truth 1: A patient does not have to provide consent for one’s doctor’s office to send the patient’s medical records to another doctor’s office if the information is being sent for treatment purposes.

Myth 2: A patient’s information cannot be listed in the directory of a hospital without the patient’s consent, and the hospital is prohibited from sharing the patient’s information with the public, without the patient’s express, written consent.

Truth 2: The regulations permit a hospital to share a patient’s directory information with the public, unless the patient has specifically indicated otherwise. In other words, the public can continue to call a hospital to learn if a patient remains in the hospital and the general status of the patient’s health (“critical,” “stable,” etc.).

Myth 3: A patient’s family can no longer pick up prescriptions for a patient.

Truth 3: The regulations permit a family member or other individual to pick up filled prescriptions and medical supplies for a patient.

Myth 4: A hospital is prohibited from sharing information about a patient with the patient’s family, unless the patient has given his express consent to the release of information.

Truth 4: The regulations permit a health care provider to release a patient’s medical information to a family member, friend, or any other individual that the patient has identified if that information is relevant to that person’s involvement with the patient’s care.

The above are just some of the myths that surround HIPPA’s regulations. In many ways, HIPPA’s privacy rules are a good thing; I know that I’d want my health care information kept confidential, and I think most people feel the same way. Primarily, it is the misconceptions about the law, not the actual law, that are causing problems.

As time passes, I am confident that health care professionals will iron-out the glitches that have occurred in their implementing the new regulations. Until then, however, you should be aware of the common misconceptions that are occurring, so you’re not taken back the next time you call a hospital to inquire about the status of a family member or go to the pharmacy to pick up prescriptions for a sick family member.