Kristen, Since your agency is covered as a health care provider, HIPAA requires under 164.520 that your notice of privacy practices needs to be given not later than the first treatment, and a good faith attempt to obtain an acknowledgement. It appears that the plan to communicate summary information over the phone and mail out the Notice (with an acknowldement form) will be a good approach. The 12/04/02 OCR guidance has a Q/A related directly to providing Notice where the first contact is by telephone at http://www.hhs.gov/ocr/hipaa/privacy.html).
As to the referrals to other agencies/organizations that can provide services, the treatment definition, allow a provider to use/disclose information for provision, coordination, management of health care and related services by one or more health care providers, including coordination and management by a health care provider and a third party; or referral of a patient for health health care from one provider to another. Further, the provision about disclosures for treatment (164.506) allows covered entities to use/disclose information for its own treatment as well as treatment activities of another health care provider. So, I don't believe you would need an authorization for the use/disclosure of information by your assistance line as these activities are included in the treatment definition. You may want to include this type of activity as one of the examples you list in you notice of privacy practices. Regards, lhc Leah Hole-Curry, JD FOX Systems, Inc. 602.708.1045 Information transmitted is confidential and may be proprietary to FOX Systems, Inc. It is intended only for the person or entity to which it is addressed. Anyone else is prohibited from disclosing, copying, or disseminating the contents or attachments. If you receive this in error, please notify sender immediately, or us at www.foxsys.com and delete from your system. >>> "Kristen Emerson" <[EMAIL PROTECTED]> 01/17/03 06:29 AM >>> The agency I work for operates a toll-free telephone assistance service for older persons and their caregivers. The Elder Help Line assists callers by identifying their critical needs and providing practical information about the best ways to obtain services and benefits that will most effectively address their problems. Sometimes our I&R Specialist receive calls from individuals in the community that are looking for services for their elderly parents, etc. Our specialist will collect Personal Health Information on the elderly parent and may contact another agency in the community that could provide certain services to the elderly person. Our specialists may then supply that agency with the name, location, and contact information for the individual. Many times the information given on these calls relates to the elderly persons health and/or functional or mental status. My question is how should we start treating these calls so as to make sure we are complying with HIPAA? One thing I know we definitely plan to do before we collect any information is to briefly describe our NPP and mail it out to that individual with an acknowledgement form and a self addressed stamped envelope to document our "good faith" effort. I just wonder if we will need to get an authorization signed by the actual individual before we can contact any other agency/community resource regarding the individual in need of service. We are considered a covered entity based on the fact that our agency provides case management , along with home health care services, medical transportation, counseling, occupational therapy, etc. Thanks in advance, Kristen Emerson Management Analyst/HIPAA Compliance Officer Mid-Florida Area Agency on Aging --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [email protected] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
