If a patient were to ask you not to reveal their private information to anyone at all do they have that right under the HIPAA laws?
HIPAA privacy regulations have always given individuals the right to request restrictions on how health care providers use or disclose their information, but until recently, health care providers have always had the discretionary power to say “no” to these requests if they felt it would impair their ability to properly treat their patient or to get paid by the insurance companies.
However the HITECH amendments recently proposed to supplement the HIPAA laws change that, to a certain degree at least.
Now, when a patient is paying for their own treatment out of their own pocket, or another private individual is footing the bill and they request that you share none of their information you must comply with their wishes.
The patient will also have the right to make their request on a visit by visit basis. For instance if you (or the medical practitioner you work for) regularly sees a patient for a certain complaint that is covered by his or her insurance but then opts to pay out pocket for a non-covered treatment they have the right to request that you share none of the details of the treatment they paid for themselves with anyone, including their health insurance company.
More headaches? Maybe. Tracking which patient procedures can be shared and which cannot may prove cumbersome. But the extra effort will be worth it in the long run to ensure your diligent efforts to remain HIPAA complaint are not derailed.