Many patient record release forms do not follow the strict guidelines required for HIPAA compliance. Dentists using these forms face the risk of an alleged privacy breach. A HIPAA compliant patient record release form should contain the following elements:
• A specific description of the information and records to be disclosed
• The name of the individual or practice that may disclose the information
• The name of the individual who may receive the records
• The purpose of the disclosure or the statement, “at the request of the individual” An expiration date for the authorization
• The patient’s signature or the signature of his/ her representative
– all representatives on behalf of the patient must indicate their authority
• The date that the authorization was signed
The HIPAA compliant form should also include the following statements:
• “I, the undersigned, understand that I have the right to revoke this authorization. I understand the revocation must be in writing and bear my signature. My revocation must be submitted to the above healthcare provider. I understand that if I do revoke this authorization, my revocation will not affect any prior actions taken in reliance on this authorization.”
• “I understand that if the person or entity that receives the described records/information is not subject to federal privacy regulations or other laws, the records/ information may be re-disclosed and no longer protected by those regulations.”
• “I understand that the healthcare provider may not condition treatment, payment, enrollment, or eligibility for benefits on whether I sign this authorization. I may refuse to sign this authorization.”
Stuart J. Oberman, Esq.
Stuart J. Oberman is the founder and President of Oberman Law Firm. Mr. Oberman graduated from Urbana University and received his law degree from John Marshall Law School. Mr. Oberman has been practicing law for over 28 years, and before going into private practice, Mr. Oberman was in-house counsel for a Fortune 500 Company.
Read More =>