[ Tuesday, October 19, 2004 ]
More Thoughts on Rush's Medical Records: I meant to post this below, but once Rush's medical record decision was out (basically saying the police could get medical records without an individual's prior knowledge or consent if they had a proper subpoena or search warrant), there was a small flurry of banter on the American Health Lawyers Association's listserv for Health Information Technology (sometimes known as the "HIT list") about a New York case involving parties attempting to get access to medical records. In that case,
Keshecki v. St. Vincent's, the defendants wanted to use medical opinion testimony from a couple of the plaintiff's other doctors. The defendants' lawyers apparently spoke with the doctors about the patient without the patient having given consent and in an informal setting (i.e., not a deposition where the plaintiff and her lawyer were present, sometimes called an "ex parte" communication). The court said that, because the other doctors had spoken with the defendant hospital and doctor about the plaintiff's medical records without getting a release or authorization from the plaintiff, the information the defendants got was basically "fruit of the poisoned tree," and could not be used by the defendant. Basically, the court said that the non-party doctors owed the plaintiff confidentiality, which was breached when the non-party doctors talked to the defendant doctor and hospital, but rather than giving the plaintiff the right to go after the non-party doctors, the court determined that the plaintiff could exclude the evidence the non-party doctors had to offer.
When a defense lawyer is trying to find out how to defend a malpractice case, he ought to be able to find out the medical records and condition of the plaintiff to make sure the damage was really caused by the defendant. And when the plaintiff has made a medical condition a part of the claim, the plaintiff really has given up the right to keep the defendant from investigating the condition and the claim. However, when you're the defense counsel, you don't necessarily want to get all of the information on the record until you can determine what helps you and what hurts you; that's the old adage of never asking a question if you don't know what the answer is.
The court here determined that, at least in New York, "HIPAA and its regulations have changed the rules regarding ex-parte communications with a plaintiff's treating health care providers," and HIPAA preempted any New York law allowing it. The court also determined that the defense counsel fooled the non-party doctors into thinking they had to release the information and talk to the defense counsel under their subpoena power.
There are a few cases in other jurisdictions imposing similar restrictions on the use of medical information wrongly obtained (or obtained without authorization): Law v Zuckerman, (US Dist. Md., 2004), 2004 U.S. Dist. Lexis 3755 (Maryland law allowing ex parte communications preempted by HIPAA; authorization now required; citing unpublished New Jersey case In Re PPA Litigation, September 23, 2003 (2003 WL 22203734 (N.J. Super L., 2003) as support); Crenshaw v MONY Life Ins. Co., (US, So. Dist Cal., 2004), 2004 U.S. Dist. Lexis 9882 (ex party discussions between defense counsel and plaintiff's physician, and use of physician as expert witness, allowed by California law but preempted by HIPAA; testimony not stricken, but sanctions applied); and Lillebo v. Zimmer, Inc., Civil No. 03-2919 (Jrt/Fln), Civil No.
03-2920 (Jrt/Fln), 2004 U.S. Dist. Lexis 18454 (USDC, Minn) (Minnesota law prohibits ex party contacts).
Ultimately, the lesson here is that whenever medical information is being disclosed, the party attempting to make the disclosure
MUST make sure that HIPAA will allow the disclosure. However, remember that there are a handful of ways to get PHI in litigation or in governmental action, and there's always the route of getting the patient's authorization. If you have questions, check out Section 164.512 of the Privacy Rule, and walk through it to see if your situation is specifically addressed (of course, make sure you check out the definitions in 160.103 and 164.501, and don't just assume the words mean what you think they mean).
Hat tips to Alan Goldberg, Ed Shay, and John Cody for the cases and analysis.
Jeff [2:15 PM]
http://www.blogger.com/template-edit.g?blogID=3380636
Blogger: HIPAA Blog - Edit your Template