Clinic says North Dakota Blues violate HIPAA law
Patrick Springer reports:
Mid Dakota Clinic of Bismarck has opted out of a major initiative by Blue Cross Blue Shield of North Dakota that involves sharing patient records with an outside consultant and cites patient privacy concerns as the reason.
The program, MediQHome, is a “medical home” partnership between the health insurer and teams of medical providers aimed at better managing patients, especially those with chronic diseases, such as diabetes or asthma, to improve outcomes and reduce costs.
The initiative, which involves more than seven of every 10 primary care clinicians representing 75 percent of the North Dakota Blues’ members, requires providers to share patient information with an outside health quality consultant, MDdatacor, a firm located in suburban Atlanta.
Jeff Neuberger, the chief executive officer of Mid Dakota Clinic, said Friday that all patients should be contacted in advance to get their permission before their medical information is sent to a third party for review.
Read more on Inforum. Not surprisingly, BCBS North Dakota disagrees on what HIPAA requires here.
It would be nice to see a “Dear Insurer” letter from HHS to clarify this issue and HIPAA’s requirements, similar to what FCPO does for FERPA questions.