This policy is to document the Trusted Doctors policies and procedures for sharing information with patients in a safe, secure and HIPAA compliant manner.
All information shared with patients and authorized representatives will be done so in a manner which is HIPAA compliant and in keeping with state and jurisdictional regulations regarding privacy, confidentiality and information sharing.
The goal of the practice is to make every effort to share information with patients and authorized representatives in order to empower them to be active participants in their care. Sharing of information will be accomplished through both active (upon request) and passive (information that is made available without explicit request) methods as outlined below.
IV. Active sharing of information
Trusted Doctors and the Divisions of Trusted Doctors makes every effort to honor requests from patients and authorized representatives to provide information to requestors in a timely manner and a format that is consistent with the request.
Requests from patients can be made to the practice via the following identified methods:
2. Portal message
4. In writing
Trusted Doctors agrees to provide information to requesters in the following formats where possible and feasible:
1. Paper records (for mail or in office pick-up)
2. Faxed records
3. PDFs/Images/Documents provided on external hard drive with appropriate encryption
4. Electronic information that is available electronically via a CDA may be provided by one of the following methods depending on the feasibility of the Division’s EHR system:
a. Via facilitation through a patient portal
b. Direct Messaging to a trusted third party in accordance with Direct Messaging protocols
C. Processing requests
All requests for information will be documented in the medical record within 2 business days of receipt and include the following:
1. Name and role of the requester (if not the patient)
2. Time/date of the request
3. Verification of the legal authority of the requester to have access to the information where uncertain/unclear
4. Written confirmation of request where feasible to document authority (may be signed information request form, portal message which required authentication to initiate, faxed or emailed documentation)
5. Format in which the requester is asking for the information to be provided
6. Content to be included in the release of information per the request
D. Timely processing of requests
Every effort will be made to process requests within 10 business days in order to provide patients with timely access to their information. If Trusted Doctors is unable to meet the 10 day practice goal, the division staff will communicate an anticipated delay with the requester and make alternative arrangements to provide information (either in content or format) as mutually agreed upon. The practice will monitor their performance to ensure they are meeting this goal at least 90% of the time and institute improvement processes as deemed appropriate.
E. Cooperation and collaboration
If the practice is unable to provide the requested information in the manner and format requested, alternative arrangements will be sought to satisfy the requester.
Documentation will be made in the medical record related to communication to offer alternatives and document resolutions. Any information that cannot be shared will be documented as to the content, the reason it could not be shared as requested, and will reference the appropriate exceptions according to the 21st Century Cures Act.
V. Passive Sharing of Information:
Trusted Doctors makes every effort to provide access to patient information via a patient portal hosted by a third party vendor.
A. Encouraging portal adoption
Trusted Doctors encourages use of the patient portal for all patients from the time of new patient registration and through individual invitation explaining the value of having access to clinical health information at all times.
B. Proactive sharing information through the portal
Trusted Doctors shares appropriate information freely through our EHR and Patient Portal technology wherever safe, appropriate and feasible via our technology partners.
C. Electronic Personal Health Information (EHI) currently available for patients or their authorized representatives in electronic format includes the following:
2. Problem List
5. Vital Signs
6. Visit Notes including Assessment and Plan
9. Diagnostic Test Results
10. Smoking Status
11. Care Team Members
12. Implantable Devices
The above EHI is available through both discrete elements of the patient portal and through self-generated CDAs which patients (or their representatives) can access freely through the portal.
VI. Ability to Receive EHI
Trusted Doctors makes every effort where feasible to receive patient information in an electronic format in order to empower patients to share EHI with our divisions to facilitate care delivery and the ability to reshare information electronically. This is accomplished with the providers participation in the Direct network.
Patients and their authorized representatives, such as specialists and hospital systems, who have the ability to access their CDAs from other members of their care team, can access that information and share with us directly using our published Direct address.
VII. Gaps in Practice Information Sharing
Trusted Doctors makes every effort to share information in accordance with HIPAA, state and jurisdictional laws wherever possible. The following are identified gaps in information sharing and Trusted Doctors plans to address these gaps where feasible. The practice is committed to empowering patients with their health information and will work to continually identify and address gaps as they become known to us.
A. Information stored in non-electronic format
The practice has information stored as images and/or PDFs in our EHR as part of patient charts (including prior records, specialty reports from external sources). Since this information is not stored in an electronic format, it cannot be shared or transmitted in an electronic format. Patient requests for information which exist in these formats will be shared with patients in a mutually agreeable format as requested.
B. Sensitive data
1. Pediatric charts can include sensitive information that is not directly patient data, such as health data specific to the maternal health history. In an effort to protect the maternal privacy in accordance with HIPAA, this information will not routinely be shared with others who may also have access to the information through a child’s medical records. As it is currently infeasible to redact the maternal history from the child’s medical records, some records may be protected. If this information is requested, the practice will document the request, attempt to reach a mutually agreeable solution with the requester and document the exception for sharing of information in accordance with the Information Blocking Provisions of the 21st Century Cures Act.
2. Other sensitive information regarding the health and well being of children and adolescents that is shared in confidence and in some cases protected by law. This is including but not limited to, suspected child abuse, gender identity, substance use/abuse, sexually transmitted disease treatment, pregnancy, HIV status, mental health. Sensitive and/or confidential information may be restricted from passive sharing due to provider concerns about harm to the patient or the infeasibility of being able to redact sensitive information as required by local, state or federal law including HIPAA. If this specific information is requested, Trusted Doctors divisions will document the request, attempt to reach a mutually agreeable solution with the requester and document the exception for sharing of information in accordance with the Information Blocking Provisions of the 21st Century Cures Act
There are current sections of the USCDIv1 that have not been identified as data from our EHR which is sent electronically to the patient portal and its CDA functionality. We will remain educated and monitor our vendors’ functionalities to close those gaps as additional certification and information is available to the practice.
VIII. Non-discriminatory Decisions to Withhold Information
Trusted Doctors does not make decisions to withhold information lightly. All decisions to withhold information will be done in accordance with the 21st Century Cures Act exceptions and in a non-discriminatory manner. The practice policy gaps in information sharing are outlined as above. In all instances, withholding of information will conform to this organizational policy or will be documented by a provider on a case-by-case basis.
Every effort will be made to review and update this policy annually.
Policy Revision Date: 4/1/2021