Teri -- You are overstating the accounting for disclosures requirenment. Under the modified final rule, the only disclosures that are subject to the accounting for disclosure under § 164.528 are most post-4/14/03 (but not all) disclosures that are made without an authorization under § 164.512 (e.g., disclosures to public health authorities, law enforcement authorities, and health oversight agencies, disclosures required by law, decedent related disclosures) and the covered entity's (or its business associate's) erroneous disclosures. Consequently, for example, disclosures to the individual or the individual's personal representative or to family members under § 164.510(b) are not accountable under § 164.528.
The Privacy Rule includes a requirement to maintain copies of authorizations for six years from its creation or it last effective date whichever is later (164.508(b)(6), 164.530(j)), and I am not discouraging the tracking of disclosure as a safeguard measure. However, the accounting for disclosures at this point really is quite limited to special situations that should be handled in a centralized manner. I have copied the relevant text of § 164.528 below. Best regards, Dave Ermer § 164.528 Accounting of disclosures of protected health information. (a) Standard: right to an accounting of disclosures of protected health information. (1) An individual has a right to receive an accounting of disclosures of protected health information made by a covered entity in the six years prior to the date on which the accounting is requested, except for disclosures: (i) To carry out treatment, payment and health care operations as provided in § 164.506; (ii) To individuals of protected health information about them as provided in § 164.502; (iii) Incident to a use or disclosure otherwise permitted or required by this subpart, as provided in § 164.502; (iv) Pursuant to an authorization as provided in § 164.508; (v) For the facility's directory or to persons involved in the individual's care or other notification purposes as provided in § 164.510; (vi) For national security or intelligence purposes as provided in § 164.512(k)(2); (vii) To correctional institutions or law enforcement officials as provided in § 164.512(k)(5); (viii) As part of a limited data set in accordance with § 164.514(e); or (ix) That occurred prior to the compliance date for the covered entity. Gordon & Barnett 1133 21st St., NW, Suite 450 Washington, DC 20036 202-833-3400 ext 3009 (voice) 202-223-0120 (fax) www.gordon-barnett.com >>> "Teri Baskett" <[EMAIL PROTECTED]> 02/17/03 13:07 PM >>> I hate to weigh in here one more time, but my understanding what that we have to provide the pt/client an accounting of all disclosures that were not specifically covered by an authorization (initially, it was interpreted that those had to be logged and tracked also, but that was amended in the final regs, since the argument was made that the pt would have knowledge of disclosures s/he had authorized in writing). I know another gentleman on this thread last week indicated that he planned to track those also, just to keep the disclosure log complete and to simplify the procedures for HIM staff; however, I do believe that authorized disclosures are not required to be tracked. So, our disclosure log must contain a record of all disclosures not covered by a written authorization and those that are not a part of treatment, payment and healthcare operations. Regardless of everything we list in the NPP (and it should list all these as possibilities), we have to track these and record them, providing them for a pt when requested. Have I confused different parts of the regs in this interpretation? Teri Baskett, CISO LifeSpring Mental Health Services [EMAIL PROTECTED] --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: archive@mail-archive.com To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org