I understand the importance of the HIPAA laws. But - I work in a defense lawfirm as a paralegal - and medical facilities will not give up records - EVEN IF SUBPOENAED - without a HIPAA-compliant authorization. It seems to me that HIPAA laws would not apply when a person brings about a legal action where their own personal injuries are the focal point of that legal action! Is this a misinterpretation of HIPAA laws by the medical facilities - or does HIPAA make medical record document gathering so stringent that it really makes it almost impossible for defense firms to gather records & do their jobs? I think if someone is suing for personal injury - they really have waived their right to privacy when it comes to those medical records. Does the HIPAA law directly address this situation?
2006-09-22 07:15:13 · 5 answers · asked by captain2man 3 in Politics & Government ➔ Law & Ethics
the first 2 answers have totally overreacted to the question. Yes - I - and all of the attorneys in the firm I work for are well-versed in the HIPAA laws. We always seek out proper HIPAA authorization forms - and, in fact, we were the first lawfirm in our area to change our forms & tailor our demands to make sure we complied with HIPAA laws. While I certainly don't believe that someone instituting a legal action for personal injury waives their right to privacy - it does seem like the intent of the HIPAA laws was not to hinder defense counsel from being able to obtain records which are pertinent to the defense of a case. If you are in auto accident & sue someone for injury -- for the purpose of that legal action only (i.e. defense counsel) - then YOU are the one who must prove your injuries (it's not defense counsel's job to prove you AREN'T injured - it's your job to prove that you ARE)...and defense counsel should be able to obtain those records without jumping through hoops.
2006-09-22 08:40:03 · update #1
I am also an ins defense paralegal. I am in NY, which has a civil practice rule requiring that an authorization accompany any subpoena for medical information. In fact, the rule requires that the subpoena contain language that no response (not even a notice of rejection) is required if an authorization is not attached. This seems to be overkill, since the other civil procedure rules provide a lot of safeguards (records going to Clerk, subject to motion to quash, notice to opposing counsel, etc.) against improper use of subpoenas.
There are quite a few providers who have their own rules, which are more stringent than HIPAA, and make things more difficult. E.g. won't accept auths greater than 60-90 days, when an expiration of a year or more is contained in the auth, and all that is required under HIPAA is a specific expiration. Some plaintiffs' firms have refused to provide me with new authorizations in these situations. I don't think the providers always understand the difficulty in getting new authorizations every 2-3 months. Authorizations often come in and sit for that long before they are given to me to send out!
2006-09-23 00:44:45 · answer #1 · answered by Marie 4 · 0⤊ 0⤋
There are in fact specific requirements to the HIPAA regulation as far as litigation is concerned. Hospitals are required to track disclosures they make, and as you are well aware of I am sure, if it isnt documented it didnt happen. Therefore if the patients consent isnt documented it didnt happen. Hospitals have a requirement to have that release of information on file for that specific disclosure as well as any further disclosures. Keep in mind that the disclosure is not mandatory without the subpoena that then compels disclosure. Your choices, which I firmly suggest, are that you, if you can, obtain the hospitals releases of information to use for your patients, as many times you will find that when you have used your own relase form hospitals or providers will deem them invalid and require that you use their form. Also, for those more popular providers, obtain their relase forms and use them as well.
I tell people all the time that the medical records staff should be treated with the utmost respect. You will find that should you even take the time to invite the ones you deal with most often out to lunch or sponsor a lunch in their office and ask them to show you how to fill out their form, they will always remember that and not only will your valid releases of information result in disclosure they will result in a much better relationship with the providers.
I handle releases of information every day and have assisted several law firms in the creation of their ROI's to ensure compliace with 42 CFR Part 2, 45 CFR Parts 160-164 and the Privacy Act of 1972. I can help you as well, just email me.
2006-09-22 11:20:05 · answer #2 · answered by winteraires 2 · 1⤊ 0⤋
And you work at a law firm? Wow! I am shocked that you don't have a complete understanding of HIPPA and the importance of getting the proper releases signed before anyone can obtain personal private medical information about you. Just because someone was involved in an automobile accident does not mean they give up their right to privacy! Remind me to never come to your firm.
Tell that to your attorneys and see what kind of reaction you get. Glad you are not on my side!
2006-09-22 08:12:37 · answer #3 · answered by Zelda 6 · 0⤊ 1⤋
If you work for defense, then all you have to do is a normal discovery request for a medical authorization and a request for production of medical documents from the plaintiff
And you are incorrect - suing for personal injury / malpractice does not waive the right to privacy - that is ridiculous.
EDIT - I work for a law firm. seriously, how lazy can you be if you feel that a request for production is jumping through too many hoops
2006-09-22 07:25:11 · answer #4 · answered by BigD 6 · 0⤊ 1⤋
certain, they do. All sufferers are required to signal at the same time as they get carry of notification of HIPAA privateness protection. there's a decal that is going on the back of all and various's clinical files with that information and the signature and date. with out more advantageous information to this question, i'm no longer confident in case you want help ensuring the protection of your clinical information or what. even with the indisputable fact that, once you've concerns, you could tackle them with the affected human being administration branch on your setting up's well being facility.
2016-11-23 15:27:43 · answer #5 · answered by ? 4 · 0⤊ 0⤋