Comment Re:How about adding an exception to HIPAA? (Score 1) 371
There are already HIPAA exceptions that allow sharing PHI without consent, and a medical emergency falls under the first one below (if it does not have its own already, and I'm fairly certain it must):
Here are three more:
Patient Treatment: A patient's health information can be shared and viewed by different healthcare providers if it is for the purpose of treatment for a patient. An example would be when a patient is referred to a specialist by their primary doctor and the primary doctor gives the specialist a patient's health information to facilitate treatment of the patient.
Payment for Services: The healthcare information of a patient can also be shared with another healthcare organization without complying to the privacy rules of HIPAA if it is for the purpose of payment of services. An example would be when a doctor needs to file information with a patient's health insurance provider for payment of services.
Healthcare Operations: A patient's healthcare information can also be used without consent of the patient for healthcare operations. Various healthcare operations include internal improvement, review of healthcare professionals, healthcare provider and doctor evaluations, training programs and business development. An example of the healthcare operations exemption would be if the doctor's office were doing an internal review of how they handle patients in order to treat patients better and more quickly. The doctor's office would not need to get the consent of a patient to do this type of internal review even if some of the internal review uses the patient's healthcare information for the process.