Minutes of October 21, 1998 Meeting

Corrected

A meeting of the Law Revision Commission Committee on Confidentiality of Medical Records was held commencing at 4:00 p.m. on Wednesday, October 21, 1998 in Hearing Room 1A in the Legislative Office Building in Hartford, Connecticut. Those attending were: Commission members Committee Chairman Joseph J. Selinger, Jr., and William R. Breetz; advisors Charlotte Acquaviva, Lawrence Berliner, Regina Dacier, Mary H. Hess, Peter Kane, Stephen Lewis, Richard J. Lynch, Michael Meacham for Marybeth Reinhardt, Angela Mattie for Robert Scalettar, Jeannette C. Schreiber, Nadine Schwab, and Gail Sturgess; and Commission staff David Hemond.

Mr. Selinger called the meeting to order.

The minutes of the October 7 meeting were approved.

Under Agenda item 5, the Committee agreed to invite Margo Goldman to make a presentation pursuant to the recommendation of Peter Kane. Mr. Kane and Mr. Hemond agreed to explore possible dates for such a presentation.

The committee then reviewed section 2-102 of the Uniform Health-Care Information Act (UHCIA) concerning authorizations and the following issues were raised:

Section 2-102(a) provides authority from a patient to a health-care provider to release health-care information. If the coverage of the act generally is to be expanded beyond the patient-health-care provider context, to what extent should the explicit power of the subject of the health-care information to authorize disclosure be expanded. Should the authority apply only with respect to "original providers"? If the authority extends to releases by someone other than the provider, how does the statute deal with concerns that some information might be harmful to the patient and should only be disclosed pursuant to provider review? In that context, the section 3-102 standards that allow a health care provider to deny review in limited circumstances were considered. Moreover, if the patient can authorize release, should record-holders other than the provider be required to honor that authorization? If these provisions are restricted to the patient/original health-care provider context, is an exception necessary for circumstances where the original provider no longer has the information? Mr. Hemond agreed to review the various federal and state drafts and prepare alternative language.

What is "recorded" health-care information? Is it sufficiently clear that it covers information stored in various media - on tape/ in a computer/ on slides? It was suggested that the draft refer to "health-care information on record" rather than "recorded health-care information".

Under subsection 2-102(c), what additional provisions should be required to be included in the authorization? Some members suggested that the authorization should be required to detail the purpose of the authorization and the extent of the authorization. It was also suggested that any authorization be accompanied by a warning or other notice restricting redisclosure.

Substantial discussion focused on the issue of the application of the section to insurers and whether the existing use by insurers of blanket authorizations was justifiable. It was agreed that the Committee would review whichever provisions ultimately applied to insurers, whether in the act, in the current privacy act, or in the NAIC model. Insurance representatives suggested that blanket authorizations in the HMO or 3^rd party payor context were an economically necessary part of the business (Mattie). Other members suggested that the confidentiality necessary for a patient, particularly in sensitive areas such as mental health or AIDS status, could not be breached in such a wholesale fashion and retain patient confidence in the relationship. (Kane) It was suggested that, at least in those sensitive areas, protocols might be established to limit the initial dissemination of the confidential material. (Breetz) Discussion then focused on the extent to which insurers had a legitimate, or economic, need to review each individually identifiable file and whether possible protocols, involving, for example, encryption of information, or certification after pre-approval, might be substituted for the use of blanket authorizations.

Discussion also focused on whether information, once disclosed, was adequately contained and whether, for example, adequate restrictions existed on the use of the information once disseminated. Particular concerns were expressed as to use of information for profiling and access and possible misuse of information by employers.

The next meeting will pick up with review of section 2-103. The next meeting was set for November 4, 1998 at 4:00 p.m. in the Legislative Office Building in Hartford, Connecticut. The meeting adjourned at 6:00 p.m.

Respectfully submitted,

/S/ 

David L. Hemond
Reporter/Drafter

Back to Main Page                    See Agenda for this meeting