Releasing Protected Health Information
Amanda Cantrell
HCR 210
June 25, 2012
Kimberly Kirby-Bass
Protected health information (PHI) is any kind of information that can identify a patient such as name, address, telephone number, date of birth, Medicaid number, social security number, medical record numbers, and the name of an employer (Green & Bowie, 2005). Anytime someone asks for any of this information, a consent form must be filled out and signed by the patient. HIPAA has established specific guidelines for this type of authorization form (Green & Bowie, 2005). Also, all covered entities are required to talk to the patient and inform them of how they will disclose their information. Any individual has the right to decline any authorization except for when the information has already been released or when a health insurance agency is requesting the information (Green & Bowie, 2005).
When it comes to different agencies or groups, HIPAA has different uses and discloses and whether you need consent or not for the information is in the privacy law. Legal agencies and representatives can acquire different kinds of information without having any kind of authorization to do so. Some of these include court orders and subpoenas. A protective order can only be issued to the person at hand and once it has been delivered, all copies must be returned to the covered entity and destroyed once the matter is over (Green & Bowie, 2005). When HIPAA enforces authorization to be obtained, then covered entities have to make sure they obtain the consent so that they are able to get in contact with the correct attorneys and they can request the information. Attorneys have several reasons that they would have to request information with consent and one of those is if they were going into a medical malpractice lawsuit. In this case, the facility’s risk manager must be notified to determine if the record needs to be reviewed before it is released (Green &...