Julia: Let me give this a try. What do you outsource to these agencies? If, for example, you outsource "payment" functions (e.g., billing, collections) the "outsource" vendor may misunderstand the HIPAA privacy regs. The answer to your question will depend upon their function relative to a covered entity. I'd be happy to help answer your question if I knew more info. If the "outsource" vendor is handling active accounts receivable, for example, and collects them in the hospital's name rather in the outsourcers name there may be separate legal reasons the vendor would direct a patient to head to the hospital for a copy of his/her bill.
Generally - under the Business Associate provisions found in the Privacy Regulations (Section 164.502(e), a covered entity may outsource or contract out any of a variety of treatment, payment or operations functions and assuming the relationship is structured correctly should in fact provide a patient with access to a copy of his/her itemized bill if that vendor or business associate was working with the bill in the context of its relationship with the health care provider. Again, however, the nature of the work the outsourcer does is essential to giving you a correct answer -- not necessarily under HIPAA -- but under other overlapping laws/regulations. Leslie Bender, Esq. -----Original Message----- From: Barrientos, Julia [mailto:[EMAIL PROTECTED]] Sent: Thursday, October 11, 2001 3:00 PM To: '[EMAIL PROTECTED]' Subject: Privacy Regulation We have outsourcing agencies that are stating due to the HIPAA regulation patients cannot pick up itemized statements from them . That they have to come into the hospital and pick them up directly . Is they're a regulation that identifies outsourcing agencies and the ability to mail patients itemized statements? Can you tell me where I can find more information on this regulation? ________________________________________________________________________ ___ NHS E-Mail Confidentiality Disclaimer: The information contained in this e-mail is privileged and confidential and is intended only for the use of the addressee(s) indicated above. Use or disclosure of information e-mailed in error is respectfully prohibited. If you have received this e-mail in error, please contact the sender and immediately delete the original message. Thank you. ********************************************************************** To be removed from this list, send a message to: [EMAIL PROTECTED] Please note that it may take up to 72 hours to process your request. ********************************************************************** To be removed from this list, send a message to: [EMAIL PROTECTED] Please note that it may take up to 72 hours to process your request.
