NAMAS Webinar Q&A: HIPAA Security Risk Analysis 08/20/19

Post here your questions regarding auditing ,coding, documentation, and compliance. Also, join in on the conversation- help your fellow auditors and compliance professionals in the industry.

Moderators: NAMAS Moderator, Shannon DeConda

Post Reply
User avatar
Site Admin
Posts: 499
Joined: Mon Apr 09, 2012 1:54 pm

Tue Aug 20, 2019 3:53 pm

Below are the questions received during our recent webinar, HIPAA Security Risk Analysis, originally presented on August 20, 2019. These questions have been answered by the webinar presenter, Kelly Ogle, MSOP, BSDH, CHOP, CMP<, OSHA/HIPAA Director, DoctorsManagment, LLC.

Question: If an outside provider is treating a past patient of ours and is requesting records - we require the patient approval prior to releasing records. We have received push back quoting HHS’s Q&A stating this is not required. We are a specialty provider’s office and the office requesting records is unknown to us as their GP.

Answer: Only the patient or the patient's personal representative has the right to access the patients records.A health care provider or health plan may send copies of those records to another provider or health plan only as needed for treatment or payment or with the patient's permission. The Privacy Rule does not require the health care provider or health plan to share information with other providers or plans. HIPAA gives the patient important rights to access - PDF the medical records and to keep the information private.
Post Reply