Department overview |
|
|
|
|
|
|
|
Publications |
|
|
|
|
|
|
|
The following questions and answers address regulations called Standards For Privacy of Individually Identifiable Health Information (the privacy rule), issued by the federal Department of Health and Human Services to implement the Health Insurance Portability and Accountability Act (HIPAA). The effective date for the privacy rule is April 14, 2003. There are links at the end of this page to additional resources, including the actual regulations and guidance materials developed by the Department of Health and Human Services, Office of Civil Rights.
|
Disclaimer: This series of questions and answers relates only to the impact of the Health Insurance Portability and Accountability Act (HIPAA) regulations on the Minnesota workers' compensation system. This document is a reference tool only and should not be construed as offering or providing legal advice. While the Department of Labor and Industry has made a good-faith effort to provide accurate and useful information, it makes no representation and accepts no liability for any reliance on the completeness or accuracy of this information. This information is not intended to take the place of either the written law or regulations. Readers are encouraged to read the referenced HIPAA rules and the Minnesota workers' compensation statutes and rules because this document contains only a summary of the relevant provisions. A link to the HIPAA Privacy Rule and other resources is provided at the end of this document. |
[1] See 2007 Laws of Minnesota, Chapter 147, Art. 10, Sec. 2-9.
[2] HIPAA permits release of PHI, including the bill, for purposes of obtaining payment for health care provided [45 CFR 164.502 (a) (l) (ii)]. However, the Minnesota Health Records Act does not allow release of medical data for payment purposes without patient consent. Because Minnesota law is more protective, it must be followed.
[3] Under Minnesota workers' compensation law, an employee who has filed a claim petition must furnish a list of physicians and health care providers from whom the employee has received treatment for the same or a similar condition, and must provide authorizations to release relevant data to the requester. The claim petition may be stricken for failure to timely provide authorizations. [Minnesota Statutes 176.291]
[4] In all cases of a request for medical data or discussion with a provider, employees must be sent written notices according to M.S. 176.138 (a).
[5] HIPAA also permits disclosure of PHI to an employer about a workforce member, to comply with an employer's obligations under OSHA, if the employees are given written notice of the disclosure. [HIPAA 45 CFR 164.512(b)(v)]
[6] For purposes of assessing penalties under M.S. 176.138, a current claim for compensation means "any claim for compensation under M.S. Ch. 176, for which benefits are currently being paid or are being claimed by an employee, whether or not a claim petition has been filed." [Minnesota Rules, part 5220.2810]
[7] Psychotherapy notes are defined as "notes recorded in any medium by a health care provider who is a mental health professional documenting or analyzing the contents of conversation during a ... counseling session and that are separated from the rest of the individual's medical records. Psychotherapy notes exclude medication prescription and monitoring, counseling session start and stop times, the modalities and frequencies of treatment furnished, results of clinical tests, and any summary of the following items: diagnosis, functional status, the treatment plan, symptoms, prognosis, and progress to date." [45 CFR 164.501]
Filing a complaint