Anonymous wrote:The phrase “for treatment purposes” is key there but access seems to go beyond that.

Anonymous wrote:I agree, OP.

Despite all the "privacy" protections supposedly in place, these databases are WIDE open for abuse.

When did I ever say it was okay to have my private information made available to any physician, or his/her assistant, or receptionist, to peruse and perhaps share with an enemy (such as the stalker who harassed and bullied me for years). Don't tell me it doesn't happen. Of course it does.

I would have *never* given my okay for this information to be shared on a platform where any nosy person who wants to look at it can look at it. When did i I say it was okay to set up my information on one of these databases?!

Would someone please explain how this is even legal, given our privacy laws?

Question: Does the HIPAA Privacy Rule permit a doctor, laboratory, or other health care provider to share patient health information for treatment purposes by fax, e-mail, or over the phone?

Answer: Yes. The Privacy Rule allows covered health care providers to share protected health information for treatment purposes without patient authorization, as long as they use reasonable safeguards when doing so. These treatment communications may occur orally or in writing, by phone, fax, e-mail, or otherwise.

https://www.hhs.gov/hipaa/for-professionals/faq/482/does-hipaa-permit-a-doctor-to-share-patient-information-for-treatment-over-the-phone/index.html

Anonymous wrote:

Anonymous wrote:We can see other providers records if you have given permission for the two systems to “talk“ to each other. My practice uses Epic which is pretty widely used, and there have been situations where it’s been really helpful to be able to see other practice records. But that’s only possible if, the patient has signed consents. And I assure you, nobody has extra time to just be sitting around poking in records that aren’t relevant to what we’re seeing the patient for. Your dentist could not care less about your OB/GYN visit.

Don't you want him to know about your teeth down there?

Anonymous wrote:I agree, OP.

Despite all the "privacy" protections supposedly in place, these databases are WIDE open for abuse.

When did I ever say it was okay to have my private information made available to any physician, or his/her assistant, or receptionist, to peruse and perhaps share with an enemy (such as the stalker who harassed and bullied me for years). Don't tell me it doesn't happen. Of course it does.

I would have *never* given my okay for this information to be shared on a platform where any nosy person who wants to look at it can look at it. When did i I say it was okay to set up my information on one of these databases?!

Would someone please explain how this is even legal, given our privacy laws?

Anonymous wrote:

Anonymous wrote:Would they be able to access them, theoretically? Probably. Would they be allowed to, according to HIPAA, if you did not sign a form allowing them to share records with other providers? No. And regardless, sharing of records from, say, an OB to an Ophthalmologist would only happen if the ophthalmologist had a medical reason to need to see the notes, even if you technically signed that you were ok with it. If your eye doctor is reading about your C section 12 years ago just for fun , that’s not allowed.

HIPAA doesn't require consent for sharing between providers.

Anonymous wrote:Would they be able to access them, theoretically? Probably. Would they be allowed to, according to HIPAA, if you did not sign a form allowing them to share records with other providers? No. And regardless, sharing of records from, say, an OB to an Ophthalmologist would only happen if the ophthalmologist had a medical reason to need to see the notes, even if you technically signed that you were ok with it. If your eye doctor is reading about your C section 12 years ago just for fun , that’s not allowed.