skip to content
Mythbuster:  Redisclosure Of Medical Records

Mythbuster: Redisclosure Of Medical Records


Legal HIMformation
(April 2006)

At virtually every speaking engagement we present, we encounter stubborn resistance to the concept that "all" of a patient's medical record does indeed mean "all" of that record, particularly in the context of records provided in the course of litigation.  Usually the discussion revolves around a provider refusing to produce a portion of its medical record that was received from another source (such as another physician's office, another hospital, or something of the kind).  So, we thought we'd debunk some of the myths (because, unless your state has some unusual law that would prohibit such a disclosure, that's what they are) that still cause HIM professionals to withhold some of their records when they are requested to produce them.

Myth Number 1: "Federal law prohibits redisclosure."

This is true only in two limited circumstances, but it's absolutely a myth in all other cases.  The first circumstance involves records created by drug and alcohol treatment programs that receive federal assistance, as explained in 42 C.F.R.  Part 2.  Absent the specific authorization of the patient (ever wonder where the folks that drafted HIPAA got the idea for authorization?), providers maintaining or receiving records of this type of treatment may not disclose it to anyone else.  In fact, the sending organization is supposed to mark each and every page of such records with a noticeable disclaimer (which is set forth in the regulations) reminding the recipient of the prohibition against redisclosure.

The second circumstance is not universal but applies to the Medicaid program.  If a Medicaid beneficiary claims damages in a tort suit and if the medical care necessitated by the compensable injury was covered by Medicaid, then Medicaid has a right of subrogation against any judgment the beneficiary receives in the tort action.  In order to prove the amount of the subrogation right, providers may be required to submit records.  These records, in this limited circumstance, may not be redisclosed, and a disclaimer must be placed on each and every page of these records as well.  Check with your state Medicaid program to see if your state has such a restriction and what language is required for the disclaimer.

Myth Number 2: "I don't know if those records are true and accurate, so I can't certify them."

The fact of the matter is that, unless you are a sole practitioner and you do all of your own records maintenance and handling, you as the HIM professional have no idea whether the contents of your own records are objectively true – that is, you don't know whether the blood pressure was recorded accurately or whether the x-ray really shows cancer.  You presume everything in the record is true, but you have no actual knowledge whether it is or not.  Your certificate, therefore, can only relate to the contents of the copy you are being asked to produce, and whether the copy contains the same information as the original.  In other words, if the stack of paper to be copied looks just like the copy, you have provided a true and accurate copy.

Myth Number 3: "We're just keeping them because the patient asked us to; we don't use them."

This practice of "using" only part of the record raises a serious risk management concern.  In some states, there is a developing theory of professional malpractice negligence that relates to review of all available information.  In such cases, the medical professional could be held liable if anything in the voluminous record could have caused him or her to change the plan of care, order additional tests, make different decisions, etc.  Given enough hard work and effort, a plaintiff's medical expert can always find something that would raise an issue with a jury, especially if a provider keeps everything.  Hopefully you can see the problem with retaining your own old records; now compound that problem by introducing into the stack records you have never reviewed.  A provider has no idea what time bombs might be ticking away in a batch of records he or she might have been keeping only as a favor to the patient.

As a consequence, we strongly urge providers to adopt and follow a records retention and destruction policy.  Get rid of old records as soon as the law allows.  Don't accept copies of records from patients.  Don't accept records from other providers that you don't request specifically.

Why This Matters

The medical records custodian's certificate is testimony under oath, which means that a knowingly false statement in it amounts to perjury.  Also, if you've never suffered the embarrassment of having a lawyer examine you as a witness and prove that you did not produce everything in your custody when asked to in a subpoena, believe me when I tell you that it can be an uncomfortable experience.  Finally, and most importantly, the totality of the record justifies why clinicians made the decisions they did in treating the patient.  Omitting a part of that record does not tell the whole story and can expose the clinician (and perhaps the facility) to malpractice liability.  If something is used in assessing the patient or developing the plan of care, treat it as part of the official, legal medical record.

Myth BUSTED!

ASSOCIATED SERVICES
Associated Industries
DISCLAIMER

Each of our lawyer's e-mail address is provided with his or her biography. If you are not a current client of our firm, you should not e-mail our lawyers with any confidential information or any information about a specific legal matter, given that our firm may presently represent persons or companies who have interests that are adverse to you. If you are not a current client and you e-mail any lawyer in our firm, you do so without any expectation of confidentiality. We will not establish a professional relationship with you via e-mail. Instead, you should contact our firm by telephone so that we can determine whether we are in a position to consult with you about any legal matters before you share any confidential or sensitive information with us.