Revenue Cycle Management
COVID-19
Reimbursement
Diabetes Awareness Month
Risk Management
Patient Retention
Staffing
Medical Economics® 100th Anniversary
Coding and documentation
Business of Endocrinology
Telehealth
Physicians Financial News
Cybersecurity
Cardiovascular Clinical Consult
Locum Tenens, brought to you by LocumLife®
Weight Management
Business of Women's Health
Practice Efficiency
Finance and Wealth
EHRs
Remote Patient Monitoring
Sponsored Webinars
Medical Technology
Billing and collections
Acute Pain Management
Exclusive Content
Value-based Care
Business of Pediatrics
Concierge Medicine 2.0 by Castle Connolly Private Health Partners
Practice Growth
Concierge Medicine
Business of Cardiology
Implementing the Topcon Ocular Telehealth Platform
Malpractice
Influenza
Sexual Health
Chronic Conditions
Technology
Legal and Policy
Money
Opinion
Vaccines
Practice Management
Patient Relations
Careers

Bypassing authorization

June 18, 2004

Article

I'm considering doing some medical research, but want to avoid the hassle of obtaining individual authorizations from patients whose records I'll need to obtain from the hospital. Can I bypass all this paperwork without violating HIPAA?

Q:I'm considering doing some medical research, but want to avoid the hassle of obtaining individual authorizations from patients whose records I'll need to obtain from the hospital. Can I bypass all this paperwork without violating HIPAA?

A: You can ask the hospital for a "limited data set," which is medical data from which direct patient identifiers have been removed. Before sharing the information in the limited data set, the hospital will require that you sign a "data-use agreement," which specifies who may receive the information, its permissible uses, and how you intend to protect its confidentiality. A word of caution: Since the information in a limited data set still contains identifying itemssuch as admission and discharge datesyou may disclose it only for research purposes, or for public-health functions or healthcare operations. If you disclose such data for other reasons, you risk violating the law.