Wiki Privacy

nc_coder

Expert
Messages
300
Location
Iron Station, NC
Best answers
0
A patient sends a doctor's excuse to his company. The company calls to confirm the patient was actually seen. The company asks for a certain date. We then confirm the date the patient was seen. Was this violating any rules?
 
Personally, I would not provide any information unless there is some type of authorization of release. You never know the situation at work and hence you could be creating a problem for the patient. In the future, all notes of similar nature should have a date on them and hence that would resolve that type of problem.

Technically, I do not see any issue in what was done but just not good practice. What if the employer had of asked another question - it is a slippery slope.
 
I don't think there is anything wrong with validating information presented as being from your office is or is not correct.

Basically the employer is just making sure the employee did not forge an excuse slip.

Just putting the date on the excuse, which should have already been on there, doesn't mean anything.

In fact most excuses advise to contact the office it is from for further information. Obviously you wouldn't give out anything you weren't authorized to give out but validating they were seen or they were put on limited duty or that they can return to work on a certain day, whatever the note is for, is expected in a case where it is questionable for any reason.

Providers need to know if pts have altered documentation as well and should welcome these calls.

My thoughts for what they are worth,

Laura, CPC, CPMA, CEMC
 
I really dont see anything wrong in really confirming information the employer already had, however, one additional thing I may have done is called the employee and asked if it was okay for you to release information being requested to the employer. If you call the employer back you are getting permission from the employee and making sure the call requesting the info is actually be requested by the employer.
 
We've had instances in the past where employers have called to confirm. We only give the information out when there has been a note given by the provider and we only confirm that we issued the note as written (or not if there has been an alteration).
 
I took this question to another forum comprised of HIPAA matter experts and from what I understand, you should not have released this info to the employer without the patient's authorization.

I defer you to the Office of Civil Rights, Health Information Privacy Page regarding Employers and Health Information in the Workplace which addresses this issue: http://www.hhs.gov/ocr/privacy/hipaa/understanding/consumers/employers.html
 
You cannot release the information

This information is not being released for treatment, payment or operations. Therefore, it does need patient authorization to be released. Just because the patient provided the document to the employer, this does not replace the requirement for WRITTEN authorization from the patient.

Also, you always want to be careful about releasing information via the phone - how do you verify the caller is who he or she says it is?
 
Top