May 14, 2015


A physician employee has left the practice.  Patients then request their medical records forwarded to this physician. Their request is granted and records are sent. The patient becomes unhappy (for whatever reason) with this physician and we receive another request from the patient to forward records to a second physician. Are we obligated to continue sending the same records multiple times to multiple physicians until the patient finds a physician that they are comfortable with.

Thanks in advance, Dr. H


No provision in the HIPAA rules exist specifying you can say no to a record request because of a repeat offender.  However, there are certain circumstances when you are authorized to deny access - again this is not explicitly one of them - but if you were to document the reason for your denial, for, lets say, having provided a single patient their record 4 plus times, and the request is bordering on harassment, there is a chance you may be successful on review as having justification for an acceptable denial.  

Specified reasons for denial -

Unreviewable grounds for denial are: situations involving (i) psychotherapy notes, information compiled for use in legal proceedings, and certain information held by clinical laboratories; (ii) certain requests which are made by inmates of correctional institutions; (iii) information created or obtained during research that includes treatment if certain conditions are met; (iv) denials permitted by the Privacy Act; and (v) information obtained from non-health care providers pursuant to promises of confidentiality. See 45 C.F.R. § 164.524(a)(2).

Reviewable grounds for denial are: (i) disclosures which would cause endangerment of the individual or another person; (ii) situations where the PHI refers to another and disclosure is likely to cause substantial harm; and (iii) requests made by a personal representative where disclosure is likely to cause substantial harm. See 45 C.F.R. § 164.524(a)(3).   


Protect your Practice from "Surprise Bill" disputesCLICK HERE for OON Disclosure Forms.   

Recent Webinars (Click to view anytime!) - 

HIPAA Compliance - Combating Exposure with Risk Assessment and Proper Policies

Tips to Operate Compliantly and Stay off the Radar Webinar


I-STOP Implementation - Common Q&As

Looking for HIPAA and compliance forms?  
Click here to visit 
our website.

Have a question or comment for Jennifer?
Contact Jennifer at or  at (516) 747-6700 x. 302.