A HIPAA message -- registriesHIPAA, the "Health Insurance Portability and Accountability Act of 1996," provides federal protection of patient health information. As part of our continuing efforts to educate employees, these HIPAA-related messages will be distributed the second and fourth Tuesdays of the month. Today's HIPAA message is about disclosing personal health information to external registries.
Question Can I disclose PHI to external registries (i.e. cancer registries, trauma registries or other disease registries)?
Answer PHI may be disclosed to external registries without individual patient authorization if they are mandated by law. If no law exists that permits or requires such a disclosure, then individual patient authorization is required before transmitting patient information to these registries. As a reminder, de-identified information may be disclosed without individual authorization.
If you are asked to submit PHI to a registry, please verify that the registry is one that is mandated by law. If you have questions, please contact the HIPAA Privacy Officer.
If you're a manager, please ensure all of your employees are informed of the contents of these messages and how it applies to your work area. Some ways of sharing the information include discussions during staff meetings, printing and posting this message or asking your employees if they have any further questions.