Tanya, Thanks for your comment. I re-reviewed the rule and the exclusions to the accounting and have done a 180 on my position on the need to account for disclosures to other CEs for their TPO purposes. The use of PHI for another entities TPO purposes is in 164.506 - and that is an exclusion in the accounting of disclosures, 164.528(a)(1)(i).
Thank you for careful reading and questioning. Christine Jensen HIPAA Project Manager Denver Health 303.436.7942 -----Original Message----- From: Lang, Tanya [mailto:[EMAIL PROTECTED]] Sent: Monday, September 09, 2002 7:20 AM To: Jensen, Christine Subject: RE: Disease Registry Hi Christine, I am interested in your comment regarding accounting for a disclosure of PHI made to another CE for TPO. I didn't believe this is part of what needs recording and tracking. I'm wondering if you could share your thoughts as to why we need to account for this. Thank you in advance. Best regards, Tanya Lang, MPA, RHIA Privacy Analyst Hospital of Saint Raphael New Haven, Connecticut 203.789-5917 [EMAIL PROTECTED] -----Original Message----- From: Jensen, Christine [mailto:[EMAIL PROTECTED]] Sent: Friday, September 06, 2002 7:24 PM To: Lamb, Tina; [EMAIL PROTECTED] Subject: RE: Disease Registry Tina In relation to registries there are a few issues to consider-- In many states they are required by law, and the disclosures are permitted by the privacy rule to the extent they are required by law. What I wonder is if over time we've had "scope creep". The state law requires reporting 12 data elements for example - but over time agencies have asked CEs to also provide some additional data. Without individual authorization the CE is restricted to report only the data required by law - so check your state's laws carefully to ensure your organization is reporting no more than the required data. You could check and see if the limited data set or de-identified data would suffice for reporting. Knowing what the laws are in Colorado the response would be "no" - but it is worth a try. Accreditation is considered part of health care operations, so following patients will be permitted. Of course I suspect that you have issues of getting some of the follow-up information from other providers. The change in consent provision does allow one CE to disclose PHI to another CE for the 2nd CE's payment and healthcare operations purposes. The downside is the disclosure by the CE holding the PHI has to be included in the accounting of disclosures. I also think it is an important issue to raise with the American College of Surgeons - there will be individuals that you may not be able to follow related to the privacy rule and how various providers choose to comply. It seems like they will have to cut some slack if you make a good faith effort. Christine Jensen HIPAA Project Manager Denver Health 303.436.7942 -----Original Message----- From: Lamb, Tina [mailto:[EMAIL PROTECTED]] Sent: Thursday, September 05, 2002 12:09 PM To: [EMAIL PROTECTED] Subject: Disease Registry We are looking at how HIPAA is going to impact our disease registry program, e.g. cancer and trauma. I am aware that state law requires this reporting, however, for our cancer registry program, we follow patients progress to be accredited by and in accordance with the American College of Surgeons. If we have to obtain a patient's authorization and the patient refuses, we have not met our obligation... how are hospitals interpreting this process under the HIPAA guidelines? Thanks for any assistance you can provide. Tina C. Lamb HIPAA and Corporate Compliance Coordinator St. Francis Hospital, Inc. 706/596-4411 x 5657 The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited. The WEDI SNIP listserv to which you are subscribed is not moderated. The discussions on this listserv therefore represent the views of the individual participants, and do not necessarily represent the views of the WEDI Board of Directors nor WEDI SNIP. If you wish to receive an official opinion, post your question to the WEDI SNIP Issues Database at http://snip.wedi.org/tracking/. Posting of advertisements or other commercial use of this listserv is specifically prohibited.
