• Revenue Cycle Management
  • COVID-19
  • Reimbursement
  • Diabetes Awareness Month
  • Risk Management
  • Patient Retention
  • Staffing
  • Medical Economics® 100th Anniversary
  • Coding and documentation
  • Business of Endocrinology
  • Telehealth
  • Physicians Financial News
  • Cybersecurity
  • Cardiovascular Clinical Consult
  • Locum Tenens, brought to you by LocumLife®
  • Weight Management
  • Business of Women's Health
  • Practice Efficiency
  • Finance and Wealth
  • EHRs
  • Remote Patient Monitoring
  • Sponsored Webinars
  • Medical Technology
  • Billing and collections
  • Acute Pain Management
  • Exclusive Content
  • Value-based Care
  • Business of Pediatrics
  • Concierge Medicine 2.0 by Castle Connolly Private Health Partners
  • Practice Growth
  • Concierge Medicine
  • Business of Cardiology
  • Implementing the Topcon Ocular Telehealth Platform
  • Malpractice
  • Influenza
  • Sexual Health
  • Chronic Conditions
  • Technology
  • Legal and Policy
  • Money
  • Opinion
  • Vaccines
  • Practice Management
  • Patient Relations
  • Careers

Bypassing authorization

Article

I'm considering doing some medical research, but want to avoid the hassle of obtaining individual authorizations from patients whose records I'll need to obtain from the hospital. Can I bypass all this paperwork without violating HIPAA?

Q:I'm considering doing some medical research, but want to avoid the hassle of obtaining individual authorizations from patients whose records I'll need to obtain from the hospital. Can I bypass all this paperwork without violating HIPAA?

A: You can ask the hospital for a "limited data set," which is medical data from which direct patient identifiers have been removed. Before sharing the information in the limited data set, the hospital will require that you sign a "data-use agreement," which specifies who may receive the information, its permissible uses, and how you intend to protect its confidentiality. A word of caution: Since the information in a limited data set still contains identifying items—such as admission and discharge dates—you may disclose it only for research purposes, or for public-health functions or healthcare operations. If you disclose such data for other reasons, you risk violating the law.

Related Videos
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health
© National Institute for Occupational Safety and Health