Psychiatrists sometimes ask what they are obligated to provide when receiving a request for records.  Often these records contain sensitive (and potentially harmful) information about the patient or others (such as spouse, parent, sibling, offspring) if disclosed as part of the fulfillment of the records request.   A request for records can present a quandary for the psychiatrist, psychologist or psychotherapist.   Note: “Medical records” hereafter will be used to encompass mental health and behavioral health information, in addition to medical data, such as results (for labs, xrays, mental assessments and personality tests), prescriptions, consults, and referrals.  Likewise, from this point forward, “patient” will be construed to include the patient (for medical treatment) or the client (for psychotherapeutic treatment).   The following are issues to consider when a request is received.   Step 1:  The rationale for the request While requests can be made for a variety of reasons, usually they are made to satisfy one of three principle needs:    The patient is moving away from the area in which you practice and wants to take the records with him/her in order to make available to the new provider a summary of care rendered while working with you.   Another party – acting on the patient’s behalf – requires information contained in the patient’s record, such as:   the Social Security Administration (to determine eligibility for disability benefits) Worker’s Compensation (to assess or verify the emotional and mental impact of injuries sustained on the job) insurance carriers, managed care entities or a TPA (third party administrator) for reimbursement other healthcare providers or healthcare systems (such as hospital, clinic or rehabilitation facility) to provide ancillary or specialized care to your patient   An attorney representing the patient, the patient’s guardian or some other special interest   Step 2:  Making the proper request for release of information In any of the above-mentioned instances, the request should:   be in writing include a HIPAA-compliant authorization signed by the patient or the patient’s legal guardian    “Legal guardian” may be a parent – in those cases where the patient is a minor – or a court-appointed guardian for those individuals deemed incompetent  (for minor children 14 years and older, signatures of both the minor patient and the parent/guardian are recommended). The authorization should be time-specific (e.g., from 01-01-2004 through 12-31-2006).  Unless otherwise noted, the authorization should be regarded as “in effect” for one year from the date of execution, but not longer.  And finally, there should be a caveat to the effect that the authorization is revocable immediately upon receipt of a written request by the patient or the patient’s guardian to do so.  Be vigilant regarding the details. Information with respect to a patient’s drug and alcohol treatment, HIV/AIDS diagnosis and treatment, or mental health diagnosis and treatment requires an authorization that is specific in the identification and authorization to release information for each of these areas.  The sample HIPAA-compliant authorization to release form that is available for downloading from the Physician Office Practice Toolkit, found on our secure website at princetoninsurance.com,* provides a box that needs to be checked for each of the areas referenced above.  Make certain the information you release is the information requested, and be sure to maintain the request in the patient’s record.   If you have other questions with regard to HIPAA, refer to Princeton’s Reducing Risk publication, “HIPAA Privacy Rule,” found on our website at princetoninsurance.com - click on the “Healthcare Risk Services Information”  button) or copy and paste this address directly into your internet browser: http://www.pinsco.com/downloads/reducing_risk/ HIPAA.Privacy.Rule.Alert.May05.pdf     Step 3:  What information to provide to satisfy the request For the lion’s share of records request, the information that will satisfy the request includes:   Dates of treatment (beginning date, dates of service and last date of contact, if applicable) A summary of the treatment, including the treatment plan goals patient adherence to that plan an indication as to how successful the treatment plan was in meeting treatment goals an explanation for how the treatment plan was revised during the treatment period and for what purpose(s)  Likewise, if prescribing medications, a list of meds should be included, along with any labs required to monitor toxicity levels, efficacy dosages, and so on  Information that is deemed to be potentially injurious to that individual’s overall health and welfare may be withheld from certain requests for records (usually those made directly from the patient).   *You must be a registered user at PrincetonInsurance.com to access the insured secure site, where the Physician Office Practice Toolkit and other valuable resources can be located. If you need help registering, call our Help Desk at 1-800-334-0588.   Continue to pg. 2