HIPAA
Description
Collection
Title:
HIPAA
Date:
11/14/2003
Text:
Thank you for all the replies to my HIPAA question regarding BAC's with lawyers. The replies that I received are listed below, but I did receive a phone call from AOPA and they transferred me to Virginia Torche (not sure if I spelled her last name correctly). What she advised me was that according to the HIPAA guidelines the only time I need a BAC completed by a law firm is when the lawyer is our lawyer. The only thing we need from someone when they are requesting medical information is a HIPAA compliant authorization form and if there is a subpoena then we don't even need that.
List responses:
We accept the signed release. Please list your responses back to the list serve for our information too, thank you.
-----------------------------------------------------------------------------
One thing that may be helpful is that the subpoena is nothing more than a
request for information from a lawyer, and not necessarily legally binding.
It may help you to develop a policy that does not respond to a subpoena by
releasing patient records, instead waiting for a Court Order. If a court
order is issued, you of course MUST provide the requested information, but
you will also be protected from liability with respect to privacy or
confidentiality. This would obviate the need for any BAC's with law firms. I
am not an attorney and cannot for sure verify this info, but it may be
something to consider!?! I don't know if it is easier in this case to
cooperate early, or let the law dictate your compliance
------------------------------------------------------------------------------
You need to be clear on whose attorney is requesting what. If the patient's attorney us requesting the info, the patient should sign your release that you have designed as part of your HIPAA compliance program. You would not use a business associate agreement is this case.
Thanks again to all the responses,
Kim Edgar,
Office Manager
List responses:
We accept the signed release. Please list your responses back to the list serve for our information too, thank you.
-----------------------------------------------------------------------------
One thing that may be helpful is that the subpoena is nothing more than a
request for information from a lawyer, and not necessarily legally binding.
It may help you to develop a policy that does not respond to a subpoena by
releasing patient records, instead waiting for a Court Order. If a court
order is issued, you of course MUST provide the requested information, but
you will also be protected from liability with respect to privacy or
confidentiality. This would obviate the need for any BAC's with law firms. I
am not an attorney and cannot for sure verify this info, but it may be
something to consider!?! I don't know if it is easier in this case to
cooperate early, or let the law dictate your compliance
------------------------------------------------------------------------------
You need to be clear on whose attorney is requesting what. If the patient's attorney us requesting the info, the patient should sign your release that you have designed as part of your HIPAA compliance program. You would not use a business associate agreement is this case.
Thanks again to all the responses,
Kim Edgar,
Office Manager
Citation
“HIPAA,” Digital Resource Foundation for Orthotics and Prosthetics, accessed November 6, 2024, https://library.drfop.org/items/show/222034.
