Use Case Setting:
A primary caregiver entity wants to refer patients to an OB/GYN practice. In doing so, they are creating an environment to where the OB office can go in and review the entire chart of the patient and then pull out the pertinent information for the referral. This of course would take clinical personal to do this, but not all patients that have this full chart information review will actually go to the particular office.
Use Case Question:
The question is whether this is ok from a HIPAA perspective? All patient information is accessible whether or not it is pertinent to the referral for OB/GYN. So any substance abuse, mental health, a UTI from 20 years ago etc, would be available for review by the care staff. What if there is information the patient does not want to go out and have specifically designated so? What if the provider takes information from old data and uses it incorrectly? The referring entity does not feel comfortable with this and thinks it is out of scope with the minimal needed information per HIPAA. Thoughts on this?