It is very important under HIPAA to distinguish between disclosures made for your own covered entity's purposes and disclosures made for another entity's or person's purposes. As I'm sure you know, a covered entity may disclose PHI subject to the minimum necessary standard for health care operations. The Privacy Rule's definition of health care operations (§ 164.501) includes (4) Conducting or arranging for medical review, legal services, and auditing functions, including fraud and abuse detection and compliance programs." Consequently when the covered entity is defending itself in a legal proceeding , the covered entity's appropriate use and disclosure of PHI falls under health care operations. However, if a covered entity is requested to disclose PHI for someone else's purposes via a subpoena, then of course, it must comply with § 164.512 and § 164.528. See also § 164.506.
Best regards, Dave Ermer Gordon & Barnett Attorneys at Law 1133 21st St., NW, Suite 450 Washington, DC 20036 202-833-3400 ext 3009 (voice) 202-223-0120 (fax) www.gordon-barnett.com >>> "Giesecke, Steve" <[EMAIL PROTECTED]> 04/04/03 05:37PM >>> The 164.512 provisions, specifically Disclosures for judicial and administrative proceedings, name conditions for when an authorization is not required and could be applied to your situation. This section states: A covered entity may disclose protected health information in the course of any judicial or administrative proceeding: (i) In response to an order of a court or administrative tribunal, provided that the covered entity discloses only the protected health information expressly authorized by such order; or (ii) In response to a subpoena, discovery request, or other lawful process, that is not accompanied by an order of a court or administrative tribunal So, if a doctor is sued by a patient that would seem to be covered by the conditions mentioned above. Steve Giesecke Olympia, WA (360) 570-4543 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Sent: Friday, April 04, 2003 1:54 PM To: WEDI SNIP Privacy Workgroup List Cc: [EMAIL PROTECTED] Subject: Malpractice and HIPAA If a dr. is sued by a patient, can the dr. then use the patient's records to defend him or herself without getting an authorization? The patient would most likely not agree to sign an authorization in this case. Would the dr. have to subpoena the records in his/her office? Thanks as always for your advice. Jill Rubin, Esq. (617)388-2404 [EMAIL PROTECTED] --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org --- The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. These listservs should not be used for commercial marketing purposes or discussion of specific vendor products and services. They also are not intended to be used as a forum for personal disagreements or unprofessional communication at any time. You are currently subscribed to wedi-privacy as: [EMAIL PROTECTED] To unsubscribe from this list, go to the Subscribe/Unsubscribe form at http://subscribe.wedi.org or send a blank email to [EMAIL PROTECTED] If you need to unsubscribe but your current email address is not the same as the address subscribed to the list, please use the Subscribe/Unsubscribe form at http://subscribe.wedi.org
