Campaign: Developers and HIPAA

Teaching Hospitals and HIPAA Privacy

I work for a University medical school that employs physicians as faculty and who teach at the hospital. I would like to know more about how far the ability access patient's records for educational purposes reaches. For example, if a Radiologist faculty member treated several patients with interesting or notable conditions and wanted to use the films as a teaching guide for residents, then what guidance or protocols should that faculty member follow that would permit the residents to access that patient's medical records to view the films without violating HIPAA? The residents were not treating physicians, but the faculty member was; or maybe only one or two residents were involved in the actual care of the patient but several others were not. Does the faculty member have to log-in to the electronic medical record under their user id, deidentify all of the patient's PHI, and then show the residents the films? Can the faculty physician simply give the patient's MRN to the residents and tell them to look up the films using their own user id's since it's for educational purposes?

Submitted by

Tags (If you have a multi-word tag, add a hyphen (-) between the words.)

Who are your customers? Check all that apply : Business associates (operates on behalf of/provides service to health care provider/health plan, e.g., an EHR vendor), General Public, Health plans or health care providers, Patients/Individuals/Consumers

What is your organization? : Health care provider or health plan, Not for profit, Attorney/other compliance consultant

Voting

2 votes
2 up votes
0 down votes
Answered Questions
Question No. 10