Ø Myth: One doctor’s office cannot send a patient’s medical
records to another doctor’s office without patient consent.
Fact: A physician can use or disclose protected heath information for treatment, payment or health care operations without
Ø Myth: HIPAA prohibits or discourages e-mail between doctors and patients.
can use e-mail with appropriate safeguards, such as encryption software or other security measures.
Ø Myth: Only the patient can pick up his or her prescriptions.
Fact: A family member
or other individual may act on the patient’s behalf to pick up filled prescriptions, medical supplies, x-rays or other
similar forms of protected heath information.
Ø Myth: The privacy regulation mandates all sorts of new disclosures of patient information.
Fact: Disclosure is mandated in only two situations: to the individual patient upon
request, or to the secretary of the Department of Health
and Human Services for use in oversight investigations. Disclosure is permitted,
not mandated, for other uses under certain limits and standards.
Ø Myth: If a patient refuses to sign an acknowledgement that he or she received a
notice of privacy practices, the physician can, or must, refuse to provide services.
Fact: HIPAA grants the patient a “right to notice” of privacy practices
for protected health information, and requires providers to make a “good-faith effort” to get patients to acknowledge
receipt. The law does not grant physicians the right to refuse to treat people
who do not sign the acknowledgement, nor does it subject the physicians
to liability if a good-faith effort was made.
Source: The Health Privacy