Have you ever had questions about what might be going on with an older loved one’s health? But then you find that your older relative is unable — or unwilling — to let you in on the health details?
Or maybe you’ve wanted to talk to your parent’s doctor, but worried that doing so might be a HIPAA violation?
Such issues come up often for the family caregivers of aging adults. Common situations include:
- An older parent who starts to act in ways that are strange or worrisome, such as becoming paranoid or delusional.
- An older adult who seems to be physically or mentally declining, but seems reluctant to discuss the situation
- A hospitalization or emergency room visit
- A hospitalized older person becoming confused (this would be delirium) and becoming no longer able to explain to family what the doctors have said
In these situations, family caregivers often find themselves grappling with issues related to the HIPAA (Health Insurance Portability and Accountability Act) Privacy Rule.
Why all the grappling?
Well, although most people — and all clinicians — have heard of HIPAA, its rules and requirements are often misunderstood. So for instance, families may assume that it’s a HIPAA violation to report a relative’s worrisome behavior to the doctor, because their relative hasn’t given them permission to do so.
Even worse: doctors and other clinicians sometimes refuse to disclose any information to families, and will incorrectly claim that it’s a HIPAA violation to do so. This can create extra confusion and stress for families, or can even sometimes put an older person at risk for harm.
If you’ve been concerned about an aging parent’s health, or are otherwise helping someone with their health concerns, then it can be very helpful to understand HIPAA better. HIPAA regulations will also govern your access to medical records and other important health information.
In fact, the American Bar Association includes “Know your rights of access to health information” among its Ten Legal Tips for Caregivers.
The detailed ins and outs of HIPAA can indeed be hard to fully understand. But, it’s not too hard to learn some practical basics, especially since the US Department of Health and Human Services (HHS) provides a Summary of the Privacy Rule here, and maintains a truly useful set of online FAQs about HIPAA here.
In this article, I’ll explain five useful key basics to help you understand HIPAA better, especially when it comes to getting information and medical records as a family caregiver.
I’ll also address five questions I’ve often heard family caregivers ask about HIPAA.
At the end, I’ll share some of my favorite online HIPAA resources, as well as some final tips to keep in mind.
5 Key Basics About HIPAA
1. What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) is a federal law passed in 1996. Among other things, HIPAA required the Department of Health and Human Services (HHS) to create a federal “Privacy Rule” for health providers and health plans, governing how these entities must protect the privacy of an individual’s medical information.
Usually, when people refer to HIPAA, they are actually referring to the HIPAA Privacy Rule created by HHS.
The HIPAA Privacy Rule basically says that “covered entities” must take certain steps to keep a person’s health information confidential and secure.
“Covered entities” means health providers, health insurers, and many other professionals whose daily work involves the handling of individuals’ medical information.
Private citizens and family caregivers are not “covered” by the Privacy Rule. This means that you do not have to maintain your — or your older parent’s — health information confidential in the same way that health providers do.
Exactly how “covered entities” should comply with the Privacy Rule can get pretty complicated to explain. What is most important for you to know is that this often — but not always — means taking steps to make sure that patients are in agreement, before their health information is shared with other people.
Overall, HIPAA is intended to balance a person’s right to privacy with the need for health providers to share medical records and otherwise communicate with others, in order to properly care for a patient and act in the patient’s best interest.
To read about the rule in more technical detail, see here: Summary of the HIPAA Privacy Rule.
To read a good plain-English summary of your rights (as an individual) under HIPAA, see here: Your Rights Under HIPAA.
2. What information is protected by HIPAA?
HIPAA’s Privacy Rule protects all “individually identifiable health information” held or transmitted by a covered entity, no matter what form it is in. So HIPAA applies whether a person’s health information is held or disclosed electronically, orally, or in written form.
A person’s health information is often referred to as “protected health information” (PHI). This covers information that relates to:
- a person’s past, present or future physical or mental health or conditions
- any health care provided to a person (e.g. clinical notes or lab results related to a person’s medical care)
- past, present, or future payments related to a person’s health care (e.g. billing records)
In other words, this is information created by, or stored by, healthcare providers and insurers, such as medical records.
HIPAA also covers demographic data and any information that can be used to identify a person, such as names and addresses.
If you are a family caregiver, remember that you are not a “covered entity.” Hence you aren’t responsible for protecting health information in the same way that your relative’s doctor is.
3. What to know about HIPAA’s rules on the disclosing of protected health information without committing a HIPAA violation
You’ll be able to sort out what is and isn’t a HIPAA violation more easily if you understand a few fundamentals about HIPAA’s rules on these issues.
According to the HHS Summary of the HIPAA Privacy Rule: “A covered entity may not use or disclose protected health information, except either:
(1) as the Privacy Rule permits or requires; or
(2) as the individual who is the subject of the information (or the individual’s personal representative) authorizes in writing.”
In other words, doctors are allowed to disclose health information if a person authorizes it in writing, or if the Privacy rule otherwise permits or requires such disclosure.
Now, let’s address the difference between being required and being permitted to disclose, because that is really at the heart of a lot of HIPAA confusion.
The difference is that when doctors are required to disclose, then they have to do it, whether or not they want to.
Whereas when they are permitted to disclose, they are allowed to do it, but they don’t have to. (Which means, they might refuse to do it, and they are legally allowed to do so, unless other federal, state, or local laws apply.)
You now probably will want to know: under what circumstances are health providers required or permitted to disclose health information?
Required disclosures of health information. Health providers must disclose protected health information in these two situations:
- When individuals — or their personal representatives — request access to their protected health information. Individuals can also request an accounting of disclosures, which means the covered entity has to tell a person with whom the information was shared.
- When the Department of Health and Human Services requests information, as part of a compliance audit or enforcement investigation.
In short: if you request it, your doctors must give you copies of your medical records. This is known as the “Right of Access.” You can learn more about your rights to view or obtain copies of your health information here: Individuals’ Right under HIPAA to Access their Health Information.
And if you are the durable power of attorney for healthcare for your relative, and if you are currently authorized to act, you have the right to request and obtain your relative’s health information.
Permitted disclosures of health information. Under certain circumstances, health providers are allowed — but not required — to disclose information, without obtaining the patient’s written permission.
Now here’s where things start getting trickier, because the list of permitted circumstances is much longer and more complicated than the list of required disclosures.
If you want to learn about all the permitted disclosures and uses, you can do so by reading the HHS Summary of the Privacy Rule.
But I think it’s more useful to learn from the FAQs that HHS has published online, especially the ones created to guide doctors and other healthcare professionals. I will share some of the more useful ones in the next section, when I address FAQs based on the questions I’ve had people ask me.
For now, the main thing you should know is this: in many cases, health providers are allowed, but not required, to disclose health information to others, even if a patient doesn’t give written or verbal permission for this.
As you will see below, when we go through some FAQs, doctors are allowed to use their clinical judgment and disclose information when a patient lacks capacity to give consent, if the clinician decides that the disclosure is in the best interest of the patient.
4. What to know about HIPAA’s “minimum necessary” requirement
The HIPAA Privacy Rule describes a principle of “minimum necessary” use and disclosure:
“A covered entity must make reasonable efforts to use, disclose, and request only the minimum amount of protected health information needed to accomplish the intended purpose of the use, disclosure, or request.”
Basically, this means that when health providers disclose health information to someone other than the patient, they can’t just disclose anything and everything about their patient’s health. Instead, they should only share on a “need to know” basis, and focus on what’s relevant and necessary.
Note that the minimum necessary requirement does not apply to all disclosures. The Privacy Rule summary lists six situations as exempt, including “disclosure to or a request by a health care provider for treatment.”
In short, if your doctor refers you to another doctor, she can send your whole medical chart along. But, if a doctor is speaking to your family while you are sick in the hospital, the doctor is only allowed to disclose what is necessary and relevant to your current hospitalization and care needs.
5. What is a “HIPAA release”?
Many health providers and other covered entities will require a person to sign a written authorization, before they disclose protected health information. This is sometimes called a HIPAA release, a HIPAA waiver, or a release of information authorization.
Interestingly, the HIPAA Privacy rule itself does not require health providers to do this. Instead, per the Summary:
“Obtaining ‘consent’ (written permission from individuals to use and disclose their protected health information for treatment, payment, and health care operations) is optional under the Privacy Rule for all covered entities. The content of a consent form, and the process for obtaining consent, are at the discretion of the covered entity electing to seek consent.”
In other words, although it’s extremely common for health providers to ask patients to sign written authorizations before disclosing health information, such written consent is not actually required by HIPAA.
Instead, a requirement for written consent usually reflects a clinic’s policies, or perhaps the preference of an individual clinician. Understandably, clinicians want to avoid HIPAA violations or otherwise being accused of failing to protect a patient’s confidentiality.
5 Caregiver FAQs about HIPAA and avoiding HIPAA violations
1. Is written permission always required by HIPAA, for a doctor to be able to talk to me about my older parent’s health?
Nope! As noted above, for permitted disclosures of health information, HIPAA does not require that a patient give written permission.
Instead, clinicians are allowed to use a patient’s verbal consent.
HIPAA also says it’s ok for clinicians to give patients an opportunity to object and to proceed if they don’t object, or even to “reasonably infer, based on professional judgment, that the patient does not object.”
Personally, I have often spoken to a patient’s adult children on the phone, because the patient told me it was okay to do so. However, I usually document in my clinical note that the patient said it was fine to talk to his or her children.
Last but not least, if a patient is not present or if it’s “impracticable because of emergency circumstances or the patient’s incapacity for the covered entity to ask the patient about discussing her care or payment with a family member or other person,” HIPAA says that clinicians can disclose information if they determine that doing so is in the best interest of the patient.
In short, HIPAA allows health providers to have a lot of leeway, when it comes to disclosing medical information to family and others. However, those disclosures will usually have to comply with the “minimum necessary” rule.
Most state laws are similar to HIPAA, but in some states, requirements may be more stringent.
You can find more details through these FAQs:
2. Can doctors talk to me about my older parent’s health during an emergency?
Yes, HIPAA allows this type of disclosure. So doctors are permitted to update you about your parent’s health during an emergency.
Furthermore, HIPAA does not require providers to ask family caregivers for proof of identity, before disclosing information.
That said, just because doctors are permitted to disclose information to you doesn’t mean they have to do it. As this FAQ notes, “a health care provider is not required by HIPAA to share a patient’s information when the patient is not present or is incapacitated, and can choose to wait until the patient has an opportunity to agree to the disclosure.”
For more information:
3. My older parent doesn’t want his doctor to talk to me. What can I do?
This question tends to come up when a family has become concerned about an older person’s mental and/or physical decline. Some older adults will resist their family’s desire to communicate with the doctor. So what can be done?
First of all, as a family member, remember that you are not a “covered entity.” So whether or not a doctor is permitted to disclose information to you, HIPAA does not prevent you from contacting your parent’s doctor and relaying any concerns or information you have.
You can even ask questions; the doctor probably won’t answer them, but it’s good for your parent’s doctor to know what kind of questions your family has.
Otherwise, if your parent has specifically told his doctor to not talk to you, then there are a couple of angles you can consider:
- Consider the possibility of incapacity. HIPAA does permit doctors to disclose information to family when a patient is incapacitated or otherwise unable to consent to the disclosure.
- If you think your parent might be incapacitated by cognitive decline, delirium, or another medical problem, ask the doctor to consider this.
- You can start by voicing concerns in a phone call, but it’s best to eventually put them in writing, because your letter will normally end up scanned into your parent’s medical chart. Be sure to include information on concerning behaviors of incidents that you have observed (such as any of these: 8 Behaviors to Take Note of if You Think Someone Might Have Alzheimer’s).
- You can learn more about incapacity here: Incompetence & Losing Capacity: Answers to 7 FAQs
- Has anyone been designated as durable power of attorney for healthcare? HIPAA allows a patient’s representative to request medical records and health information.
- Check any durable power of attorney documentation to see under what circumstances the agent has authority to act. Most documents require the older person to be incapacitated, but some allow the agent to act right away.
Of course, even if you are legally permitted to seek information about your parent’s health, your parent is likely to be angry about your doing so. The decision to override an older person’s decision or preferences is a serious one, and should only be considered under special circumstances.
If you have good reason to believe your parent’s insight and judgment are impaired, then it may be ethically reasonable to override their preference for privacy and take actions that will help them achieve their health and safety goals. Just be sure to think through the benefits and risks of your available options carefully, before you proceed.
Of course, what is better is that older adults plan ahead and tell their children what they should do if their older parent ever seems to be ill or mentally impaired, and refuses assistance. But as most older adults don’t get around to doing this, family caregivers do sometimes have to consider some difficult trade-offs when it comes to privacy versus health, safety, or other goals.
Relevant HIPAA FAQs and other information:
Incompetence & Losing Capacity: Answers to 7 FAQs
4. Does a power of attorney for healthcare give me the right to access my parent’s health information?
HIPAA gives a patient’s authorized “personal representative” the right to access information and medical records. A personal representative is defined as a person authorized, under State or other applicable law, to act on behalf of the individual in making health care related decisions.
So yes, if you are the durable power of attorney for healthcare, then you will have a right to access your parent’s health information, provided you are currently authorized to act.
A power of attorney document should specify under what conditions the agent can act. Some are “springing,” which means the agent can only act if the “principal” (the person signing the document) is incapacitated.
But other durable power of attorney documents may allow the agent to have authority to act right away. In this case, you can act unless there is a conflict with what the principal says (assuming the principal has not been deemed incapacitated).
For more information:
Guidance: Personal Representatives
Individuals’ Right under HIPAA to Access their Health Information
Addressing Medical, Legal, & Financial Advance Care Planning
5. My parents want their doctors to share health information with me. How can we make sure the doctors do this?
The best approach is for your parents to bring this up with their doctors and ask what should be documented, to ensure this.
Even though HIPAA itself does not require patients to provide written authorization in order to disclose information to family, clinicians usually feel more comfortable disclosing information if the patient has put something in writing. Many clinics have forms available for this purpose.
Another thing to consider is having your parents designate you as durable power of attorney for health. Consider having your parent indicate that your authority is effective immediately, rather than upon incapacity. (This is an option on health POA forms in California.) This will confirm your status as their “personal representive,” when it comes to requesting access to their medical information.
For more information:
More Useful HIPAA Resources
I’ve tried to cover the practical basics for caregivers in this article, but of course, there’s a lot more to HIPAA and medical privacy. As of 2020, there has also been additional guidance provided related to COVID, which you can find here: HIPAA and COVID-19.
Here are some of my favorite resources.
HIPAA Resource List
HIPAA FAQs for Professionals: Disclosures to Family and Friends
California Civil Code (regarding disclosures to family): CHAPTER 2. Disclosure of Medical Information by Providers
Individuals’ Right under HIPAA to Access their Health Information (Includes FAQs)
Next Step in Care Guide: HIPAA: Questions and Answers for Family Caregivers
Final Tips
Here are a few final tips for you to keep in mind, if you ever want to talk to a doctor about a relative’s healthcare.
- Plan ahead if possible.
- Older people should consider how their family might be able to communicate with doctors in the event of an emergency, or even in the event of developing memory or thinking problems.
- Find out how your family’s usual doctors and health providers will be most comfortable disclosing health information. Complete release of information forms ahead of time if possible.
- Every older person should complete a durable power of attorney form for healthcare. Consider giving the agent authority to act immediately; this will enable the agent to request medical records even if the older person has not been proven to be incapacitated.
- Consider researching your state’s laws governing disclosure of health information to family and friends.
- Many states have laws similar to HIPAA, but some may impose additional restrictions.
- Be prepared to politely help inform clinicians of what HIPAA permits. Some clinicians may not realize that HIPAA does allow them to talk to you about your relative’s health, depending on the circumstances.
- Consider printing out a copy of the relevant HHS HIPAA FAQs for Professionals: Disclosures to Family and Friends.
- For a good NPR story confirming that hospital employees and health providers often do NOT understand your access rights: It’s Your Right To See Your Medical Records. It Shouldn’t Be This Hard To Do.
- Remember that although HIPAA permits clinicians to disclose information under many circumstances, such disclosures are not required. Clinicians are only required to disclose health information when a patient — or authorized representative — requests this, based on the patient’s right of access.
This article was last reviewed and updated in July of 2024.
Lisa says
My father was diagnosed with dementia in November 2019. Suspicious activity has occurred since then. His house was sold and a new house bought in his wife’s name only. Not one month after he ends up in the hospital with broken bones in his face and a hematoma at the front of his brain. I spoke to two nurses by phone. They gave me 2 different stories of how he got hurt. One was told he bent down to pick up ball and fell and another was he was walking the dog and fell. So at this point I’m thinking someone is lying and those are major injuries for just picking up a bat. Keep in mind he’s always been physically strong and healthy and was bowling weekly with his 58 year old son. His wife, power of attorney forbids the hospital to give information to anyone but her and her daughter. He’s moved to nursing home during pandemic. I’m eldest living child. I called and talked to him. He can say yes but attempts to speak sentences. I dropped off candy to be delivered to him. Next I hear the wife changed the will and forbids the nursing home from letting us talk to him. Their excuse hippa act based on power of attorney. I told them that doesn’t apply to calls and visits only medical information. They’re using the hippa act to deny his eldest living children visits and calls. Is that legal?
Nicole Didyk, MD says
It sounds like a very difficult situation. It seems like a bit of a stretch to say that due to HIPPA a hospital could not accept gifts or visits, although accepting the gift would imply divulging that he is in the hospital…which is a piece of health information. In my experience, it’s usually better for families to try to find a compromise amongst themselves rather than involving lawyers and mediators but sometimes that can’t be helped. If there is a way to request a meeting with his doctor, or with staff at his home, that may be a way to begin.
Casey Carnley says
Hello! I have a father who we believe has some form of dementia. He has previously signed a form at his primary care physicians office granting me access to all his medical information. Recently there was an accident and he was taken to the hospital and his mental health has taken an enormous decline and he is not able to communicate his consent to release information to me. Will the form that he signed at his primary care physicians office cover me for anywhere or just cover me for information through the primary care physician?
Nicole Didyk, MD says
It’s not unusual for someone living with dementia to have a decline when they are admitted to hospital, and I can understand how difficult that must be for you.
The form in the doctor’s office will probably not apply to another setting, but it would certainly be helpful to demonstrate your dad’s wishes when he was capable of assigning that trust to you. I would ask the hospital if getting a copy of that form would help.
Cindy Kasprzak says
I received word from several confirmed sources that my sister, who was an addict, living in the streets and estranged from the family for years, has passed away. I have been advised that there are several sources who have attested to this. I was also told that her body was in the morgue waiting to be identified. I called the city medical examiner and they told me that they have no one fitting her description there and advised me to check with local hospitals and suggested filing a missing person report. I checked with the hospital in the area she was known to frequent and they tell me they can’t give me any information due to HIPPA. How can I go about locating my sister’s body in an effort to claim it and give her a proper burial?
Nicole Didyk, MD says
I’m sorry to hear about your sister’s passing. I am not a lawyer but my understanding is that when a person has died, it is usually up to the spouse (if there is one) and then the parents or children (if there are any) to claim the person’s body. If there are no such relatives then you may be entitled to claim her remains. Filing a missing persons report might be helpful if that is what the medical examiner recommended. Hope it works out.
Cheryl Little says
My husband’s dad recently had a massive stroke, which has left him incapacitated. In a nutshell his girlfriend, which we didn’t know existed, has not listed him as being a family member that can get updates on his condition. Does he not have the right to be able to get updates on his status being his only son? We do not know if a power of attorney exists.
Nicole Didyk, MD says
That sounds like a difficult situation and I’m sorry to hear about your father in law’s stroke. If your father in law’s girlfriend has a power of attorney, she may be able to decide on his behalf who can access his health information.
In most hospitals, health information isn’t shared unless the hospitalized person gives the family member a “privacy code” or at least a verbal consent. I would call the hospital’s privacy office to find out what their policy is and how to try to obtain information.
John Doe says
Riddle me this. A frustrated patient/Wife asks employee of a “covered entity” who is also her Husband to find out why she NEEDED to have a follow up appointment with the Dr at the Husbands place of employment ie. “covered entity”. Husband (who frequently handles questions of this type from patients) consults the patient/Wife’s chart, but is unable to discover the reason why from a quick review. The Husband then consults another employee at the “covered entity” who works with the Dr regarding the patient’s care, but is still unable to determine why. The Husband then consults the Dr and relays the relative information on to the patient/Wife. A week later the Husband, in lieu of the fact that the patient/Wife was frustrated, follows up with the employee that he spoke with previously to be sure the patient/wife had had a positive outcome at her follow up appointment. Is there any violation of HIPAA privacy laws here. If there is one, would any offense here be deemed a firable offense. Please Help with your advise.
Nicole Didyk, MD says
That’s quite a riddle and I’m not sure I follow you…
It sounds like A is the wife of Dr B, who works at Clinic C with Dr D.
A is a patient of Dr D.
Dr B looks at his wife’s chart, talks to employee E (another health professional?) and finally talks to Dr D, about Dr. B’s wife A.
A has her appointment with Dr. D, and then Dr B asks employee E how it went.
If I have that all correct, then according to HIPAA, Dr. B can’t look at A’s chart (or his own chart, even at Clinic C where Dr B works), and Dr.D and employee E can’t disclose health information about A, even to her husband, without A’s consent.
This type of thing happens very frequently and whether or not it is an offence that would lead to someone being fired depends on the policy of the clinic, as well as the regulations of Dr. B’s professional governing body. In my experience, Dr. B, and anyone who disclosed health information about A would probably get a censure from their administrator and have to review the privacy regulations at their workplace.
John Doe says
You have it all correct except Dr B isn’t a Dr and instead simply works in patient services. I don’t think this changes your reply though. From what I can gather, you are saying simply because its Dr B’s wife he cannot view the chart, but if it were any other patient he could?
Let me recap just to be sure because this seems like a real gray area to me, “Dr B” (not a doctor, just patient serviceman) in this case receives a request from the patient/his wife (she calls the clinic and he answers) to view the patient/his wife’s chart to determine why she needed a follow up. Now you are saying because it is his wife, he cannot look at the chart to determine why, but if it were not his wife he could. Is this correct? If so could you please reference the law that states that if a patient is immediate family to an employee their chart cannot be viewed by said employee even though the employee is acting in within their capacity as an employee in the care of the patient (who just happens to be immediate family). Thanks for helping me to clarify this question.
Nicole Didyk, MD says
Hi John. You can review the regulations here, and they do contain a lot of legal terms, but there isn’t a specific section about looking at a family member’s records if you work in the clinic.
However, the HIPAA Privacy Rule indicates that personal health information should only be accessed on a “need to know” basis, that is if the information is needed to provide care, payment, for research, or other functions. So, if B was just doing his job, answering the phone and looking at the chart as he would for any other patient, then it may be that he did “need to know” about the health information in question. It probably depends on the clinic’s privacy policy as to whether the situation you describe is an infraction.
The wife could also provide a written statement to the clinic indicating that she is OK with having her PHI shared with B, or give permission orally, preferably with a witness to keep it all above board.
Pam says
I am not incapacitated at all (not that old and in great health) and my oldest son wants to know when my appointments are. If he calls the clinic, and asks if I am a patient at that clinic and wants a record of my appointments, will the clinic give this information to him?
Nicole Didyk, MD says
Well, information about your medical appointments is considered personal health information, so they can’t disclose that, even to your son, without your consent.
Debra Normand says
Thank you for this informative website.
I am in a crisis situation with my mother who is 86 and most recently developed a kidney infection complicated by sepsis. She was in hospital 4 days after which my daughter discharged her and took her to a rehab facility and refused to tell me where she was. At this moment I don’t know if my mother is still at the facility because I’m not on the emergency list.
I am next of kin to my mother, her eldest child and for the past 16 years her primary caregiver. I live with her in order to take care of her.
How does my daughter have the ability to keep me non-informed along with healthcare providers who refuse to disclose my mom’s location after she left the hospital?
Unfortunately, I could never convince my mom to file a Medical Power of Attorney years ago and due to her diminished state she cannot make her own decisions and is now being influenced by what someone else is relaying to her.
Now I fear my daughter has relocated her again.
If you have any advice to offer I would greatly appreciate it.
Thank you for your time.
Nicole Didyk, MD says
Hi Debra. That must be a very distressing situation for you. I’m not a lawyer and my practice is in Canada, but here in Canada, if a person is capable, they can decide whether to leave hospital or not. If not capable, then an attorney named in a legal power of attorney would make decisions on the person’s behalf, superseding any other potential substitute decision maker. If there is no power of attorney established, then there is a decision maker hierarchy which places a spouse first, then a parent or child.
Is it possible your mother is capable? Or that she has given POA to your daughter? Sorry I can’t be more helpful, but it sounds like you may need to contact a lawyer to get the answers you need.
Debi Debusk says
Can a covered entity sign my name on a records release in order to get outside medical records on me and be held accountable for this? The information they requested when signing my name to get it was probably information they could have legally received with out my consent, but I was told that I signed the consent forms in person in the release of information office, when I did not sign any of them.
Nicole Didyk, MD says
If I am understanding you correctly, a healthcare provider signed your name on a release form to get some health information? And claimed that you actually signed the forms? That does not sound right, and I wonder if there is a misunderstanding. Sometimes an entity can sign a form that indicates that verbal consent has been received from an individual, but they should not be signing the individual’s name, they should be signing their own name and indicating that consent was obtained verbally. Sounds dubious to me, from the way you describe it, although I am not an expert in HIPAA.
Suong says
Can an Administrator from a personal care home suddenly tell my mentally ill son’s doctors not to give out any info. to his mother? I had a discussion with her the day before about putting him in a home closer to me so I can assist in his care. It appeared that she did not like the idea and wants to hang on to that money from the government she would be losing. The M.D.office said that the home called and said it has to do with the Hipaa law. This issue never came up in all the 30 years he has been sick. In fact I still was able to talk to his M.D a couple of weeks ago. They always would inform my ex and me when he was sick in the hospita.l I was able to freely speak with his M.D. there. I’m on a fixed income and can’t afford lawyer fees to get my rights back. No one has legal guardian ship or power of attorney. We just never a problem before.
Nicole Didyk, MD says
Hi Suong and sorry to hear about the difficulties you are having. It sounds like a complicated situation and I don’t think I have enough information, or expertise to give you any education. Most of the issues with consent and capacity that I work with are in older adults who have had changes in cognition due to dementia. I hope you can find some guidance and be able to participate in your son’s care.
Dal says
Hello,
My older sister has POA of our Father, who has Alzheimer’s disease. He is in a memory care facility in Maryland. She is currently working out of the country for an unspecified period of time. In the event she were unavailable, I am authorized to act and step in her place. However, should I have certified copies of this documentation, such as his financial POA, health proxy/ hippa release form in my possession? Additionally, my sister and I have a strained relationship, and only communicate when needed.
Thank you for your help.
Nicole Didyk, MD says
Hi Dal. I think it is a good idea to have copies of these documents, but I don’t know that they need to be certified. It can save time in an emergency to be able to produce such important paperwork. I hope you never need to use it.