. "Appendix B: Legal Aspects of Computer-Based Patient Records and Record Systems." The Computer-Based Patient Record: An Essential Technology for Health Care, Revised Edition. Washington, DC: The National Academies Press, 1997.
The following HTML text is provided to enhance online
readability. Many aspects of typography translate only awkwardly to HTML.
Please use the page image
as the authoritative form to ensure accuracy.
health, or where a third-party could be endangered by the release. 37 However, in such states, a provider may be required to deliver copies of the record to the patient's representative or attorney.
Several statutes contain special provisions concerning a patient's access to particular portions of his or her record, such as X-rays. 38 Still other states allow a provider to prepare a summary of the patient's record for inspection and copying rather than allowing the patient access to the entire record.39 In the absence of statute or regulation, some courts have recognized a provider's common-law duty to allow a patient limited access to his or her records.40
Where patient records become part of insurers' or other databases, the patient may not even know that the record exists and may have no way to enforce a right of access, even if such exists. In addition, even if the patient gains access to the record, he or she may have no legally enforceable right to correct inaccurate information contained in it.
The Uniform Health-Care Information Act addresses access issues, as well as issues of confidentiality and information disclosure.41 As noted earlier, however, only Montana has adopted this legislation to date.42 Issues of access to databases maintained by insurers, correction of data maintained on individuals by insurance companies, and limitations on redisclosure of such information are addressed in the Insurance Information and Privacy Protection Model Act developed by the National Association of Insurance Commissioners (NAIC). To date, at least 13 states have adopted some version of this model act as law.43
See, e.g., Fla. Stat. Ann. §395.017(1); Okla. Stat. Ann., ch. 76, §19A; Cal. Health & Safety Code Ann. §1795.14(b); Colo. Rev. Stat. §25-1-801; Hawaii Rev. Stat. Ann. §622-57; Maine Rev. Stat. Ann. §1711; Minn. Stat. Ann. §144.335.
See, e.g., Cal. Health & Safety Code Ann. §1795.12(c) and (e).
See, e.g., Cal. Health & Safety Code Ann. §1795.20(a); Minn. Stat. Ann §144.335.
See, e.g., Cannell v. Medical and Surgical Clinic, 21 Ill. App. 3d 383, 315 N.E. 2d 278 (1974); Matter of Weiss, 208 Misc. 1010, 147 N.Y.S. 2d 455 (N.Y. Spec. Term. 1955); Hutchins v. Texas Rehab. Comm., 544 S.W. 2d 802 (Tex. Civ. Ct. App. 1976).
9 Uniform Laws Ann., Part 1 (West 1988), p. 475.
M.C.A. §50-16-501, et seq.
The NAIC model act is a good beginning but does not go far enough in protecting individuals whose health records are disclosed to insurance companies. One Kansas court, for example, found that transmission of health information concerning the plaintiff to the Medical Information Bureau did not invade the plaintiff's privacy (Senogles v. Security Benefit Life Insurance Co., 217 Kan. 438, 536 P. 2d 1358 ). The Medical Information Bureau is a nonprofit association formed to conduct a confidential exchange of information between its more than 700 insurance company members, which pool information on underwriting decisions and the health status of individual insureds.