Kerr Russell’s Patrick Haddad contributes “Disclosures of Protected Health Information to Health Plan Vendors” to the June/July Oakland County Medical Society Bulletin. Excerpt: “Health plans frequently contract with vendors to perform medical chart reviews and to collect data from clinical records.”
Health plans will do this for various reasons, such as collecting risk adjustment data for Medicare Advantage program purposes or in connection with the operation of case management programs. Physicians often ask whether HIPAA requires them to obtain the patient’s written authorization or to have a business associate agreement in place with the health plan or its vendor. When specified conditions are satisfied, HIPAA permits physicians and other health care providers to allow a health plan or its vendor access to their clinical records without obtaining the patient’s authorization or entering into a business associate agreement with the plan or its vendor.” Read the article in its entirety here.