Skip to main content
In a HIM Scene guest blog, MRO’s Don Hardwick, Vice President of Client Relations and Account Management, discusses the complexity around disclosure of Protected Health Information (PHI) for workers’ compensation purposes.

Even under the best of circumstances—excellent staff, streamlined workflows, the latest technology— Release of Information (ROI) is a precarious process. Specific rules apply to different categories of requests. One area of complexity and confusion is the disclosure of Protected Health Information (PHI) for workers’ compensation purposes. While the ROI process for workers’ comp requests is similar to the process for “regular” requests, the type of information allowable for disclosure is different unless the request is accompanied by a patient authorization.

According to HHS guidelines, “The HIPAA Privacy Rule does not apply to entities that are either workers’ compensation insurers, workers’ compensation administrative agencies, or employers, except to the extent they may otherwise be covered entities.” However, the rule recognizes the legitimate need of these entities involved in workers’ compensation cases to access PHI according to state or other laws. Due to variability among such laws, the Privacy Rule permits disclosures of PHI for workers’ compensation purposes in different ways.

Don Hardwick

Hardwick oversees all client relations initiatives and account management for MRO. As former President of the Virginia Health Information Management Association (VHIMA), Director of HIM at Southampton Memorial Hospital in Virginia and at Saint Margaret Hospital in Alabama and an impressive background of leading various health information management companies, Hardwick brings domain expertise, industry knowledge and vision to MRO.

More Posts