Q – When is it legal for someone to examine patient records?
A – when they are a legislator seeking to “defend doctors he believes were wrongly the subjects of misconduct investigations by the [Texas Medical} board, which licenses the state’s physicians.”
According to an article in the Texas Tribune, that’s exactly what happened in Texas. As a state legislator, former state Rep. Bill Zedler, R-Arlington, “had authority to obtain and review private patient and physician records. The Texas Medical Board provides such records — which also detail patient treatment — only by special request and solely for official legislative purposes.”
Wait. Did I just write that? How does a state law supersede HIPPA, which mandates confidentiality of patient records?
And it turns out Zedler did NOT review the records for legislative purposes, but rather to assist specific physicians, two of whom were – you guessed it – large campaign donors. According to the Texas Tribune, Zedler requested records from the Texas Medical Board for:
“Houston anesthesiologist Vladimir Redko and Dallas thoracic surgeon Dr. William Rea, neither of whom were constituents. According to the board’s disciplinary orders, both were ultimately sanctioned for “egregious” treatment violations ranging from performing invasive procedures to injecting natural gas and jet fuel into the patients in order to diagnose chemical sensitivities. Records show that the doctors gave Zedler a combined total of $25,000 in the past half-decade and that some contributions were made just weeks before Zedler requested their case files.”
Zedler reviewed the medical records himself; while he’s not a physician, or nurse, he was a medical equipment salesman, so “I know what appropriate treatment is and isn’t,” he says. “I sold equipment, so a lot of times my customers were doctors. I’ve been inside surgical suites before — that kind of stuff.”
Zedler didn’t limit his investigations to the Texas Medical Board. Again, according to the Tribune, “Physician investigators at a separate agency, the Division of Workers’ Compensation of the Texas Department of Insurance, recall that Zedler also took great interest in doctors who were under investigation at workers’ comp.[emphasis added] Dr. Bill Nemeth, the division’s former medical advisor, says Zedler had some success in stopping investigations of the doctors on whose behalf he intervened.”
On the basis of his experience selling medical equipment, Zedler took it upon himself to examine what would normally be considered confidential patient records, then contact the state regulatory authorities in an effort to get them to drop investigations of at least two physicians who were significant campaign donors.
And this guy is running for election.
Sep
21
Joe,
While an interesting topic to say the least, I believe your reaction to sidestepping HIPPA is a bit naive.
You’ve covered this industry longer than most, which is why I find it interesting that such an action received not only comment but comment in BOLD. After all, for how long now have Bill Review companies, along with other related industry types, been sending bills overseas to be processed?
The reality is HIPPA, while created with the best of intentions, is little more than a joke at this point. It was something created by the government so that lawmakers could turn around and tell their constituents that they are looking out for their best interests. Enforcement however, like most things, was thrown to the wind.
I understand this is an editorial piece, and by all means I agree what was done was wrong, but let’s not mislead the folks out there into believing that HIPPA is being followed by a vast majority of folks in our industry when the reality is, it is not.
Kevin – thanks for the comment.
HIPAA violations are pretty serious and subject to enforcement; don’t know why your sense is “HIPPA is [not] being followed by a vast majority of folks in our industry”. my experience is quite the opposite.
the reason for the post is what appears to be misuse of public office to help donors. At least that what seems to be the case from the TT piece.
My sense is based on experience with several bill review companies that outsource either the EDI of the bill or the outright data entry. Within that information that is being passed to the vendors with overseas staffing, information specific to the claimant is being included (ie. Name, Address, Date of Birth and even in some cases the SSN if it’s on the actual bill).
If my experience was with only a single BR company, then I’d say it’s anecdotal but unfortunately I’ve seen it occur at several different BR companies.
Again, I found your piece insightful and am in full agreement that the use of claimant information to help defend donors is without question wrong. Just was making the point that HIPPA unfortunately has more bark than bite.
If this story turns out to be true, we really have two problems here. One, as you noted, is a state law that seems to supersede HIPPA. The other is the salesman and office-holder who seems to have violated both!
Only in Texas . . .
Kevin: Are you sure that HIPAA applies to the bill review scenario(s)you mentioned above?
Here is guidance from the TWC website on HIPAA exemptions related to WC that essentially make HIPAA irrelevant on WC claims.
Workers’ Compensation and HIPAA
There is no problem with employers, workers’ compensation insurance carriers, physicians, and other participants in the workers’ compensation system sharing protected health information with each other in connection with workers’ compensation claims and appeals. HIPAA specifically allows three exemptions for workers’ compensation-related matters:
if the disclosure is “[a]s authorized and to the extent necessary to comply with laws relating to workers’ compensation or similar programs established by law that provide benefits for work-related injuries or illness without regard to fault.” 45 C.F.R. § 164.512(l).
if the disclosure is required by state or other law, in which case the disclosure is limited to whatever the law requires. 45 C.F.R. § 164.512(a).
if the disclosure is for the purpose of obtaining payment for any health care provided to an injured or ill employee. 45 C.F.R. § 164.502(a)(1)(ii).
Thus, the employee’s written authorization is not necessary for the disclosure if one of those exceptions applies, and the employee also would not be able to require the covered entity to withhold the information under 45 CFR § 164.522(a). The bottom line is that if any health-related information is being exchanged in conjunction with a workers’ compensation claim or appeal, the HIPAA privacy rule will not stand in the way.
Wondering if some of the confusion here is due the fact that in most cases HIPPA does not apply to workers’ compensation – as workers’ comp carriers/networks were not included in the initial Rule definition of a Covered Entity (45CFR). Needless to say, this is not the type of quack I would want representing me. Perhaps he has been insufflating too much jet fuel and natural gas on his campaign trail.