• Decrease font size
  • Return font size to normal
  • Increase font size
U.S. Department of Health and Human Services

Radiation-Emitting Products

  • Print
  • Share
  • E-mail

HIPAA and Release of Information for MQSA Purposes

Policy Guidance Help System logo

Discussion:

Implementation of the Health Insurance Portability and Accountability Act (HIPAA) has raised a number of issues with respect to mammography facilities that operate under the Mammography Quality Standards Act (MQSA). Three issues are arising with increasing frequency. The first concerns the protection of patient information during MQSA inspections. The second deals with whether other medical entities (e.g., referring physicians, pathology departments, surgeons) can release patient biopsy information to mammography facilities for purposes of their MQSA medical outcomes audit without obtaining patient authorization. The third deals with the transfer of medical records from one medical entity to another for treatment, payment, or healthcare operation purposes. The HIPAA regulations address these matters as follows:

Questions: 
  1. Can facilities release patient information to an MQSA inspector without patient authorization?
  2. Can medical entities such as referring physicians, pathology departments, and surgeons release patient biopsy information to mammography facilities for purposes of their MQSA medical outcomes audit without obtaining patient authorization?
  3. Can a patient's medical records be transferred to another medical entity for treatment payment, or healthcare operation purposes without obtaining patient authorization?