Medical Records copied by outside source and HIPAA

Nurses HIPAA

Published

I asked for a copy of my Dad's medical records from a Hospital. I received a bill from a 3rd party that made the actual copies.

Does having a 3rd party make copies violate the HIPAA rule since we were not made aware that another source would be copying his files.

Thanks

Up Vote Up Vote ×
Specializes in Complex pedi to LTC/SA & now a manager.

Not necessarily, I'm guessing the third party source consent was included in the hospital consent as many facilities utilized 3rd party companies for off site storage of medical records.

As long as they have a confidentiality contract with the third party medical records company they would be in compliance with HIPAA:"Covered entities must have contracts in place with their contractors and others ensuring that they use and disclose your health information properly and safeguard it appropriately."

For Consumers

Up Vote Up Vote ×

No. As long as a release was signed they're covered. I worked in a billing office and we had outside vendors that had to sign confidentiality agreements as part of the contract (on-site shredding, IT support, etc) so they fall under the same privacy restrictions.

Up Vote Up Vote ×

Access to records in this fashion is covered under the "business associate" part of the HIPAA rules. They bear the same burden of confidentiality as anyone in the hospital, clinic, or insurance carrier.

Up Vote Up Vote ×
+ Add a Comment