HIPAA and PHI Disclosures for Workers’ Compensation Claims

May 26, 2021| Last modified on May 31st, 2021 Julie Clements 0 Comments

Compensation ClaimsIn a workers’ compensation case, determining the claimant’s eligibility requires proper evidence. To avoid any complications during the medical record review process, injured workers will be requested to disclose their medical records and other protected health information (PHI) to their lawyers and other covered entities, as recommended by federal laws including the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rules. PHI includes all individually identifiable health data such as demographic details, medical histories, test results, insurance details and other health records that are used to identify a patient or provide medical treatment or healthcare coverage.


According to the U.S. Department of Health & Human Services, a covered entity will include a health care provider (Doctors, Clinics, Psychologists, Dentists, Chiropractors, Nursing Homes, Pharmacies), a health plan (Health insurance companies, HMOs, Company health plans and Government programs that pay for health care, such as Medicare, Medicaid, and the military and veterans health care programs) and a health care clearinghouse (entities that process nonstandard health information they receive from another entity into a standard or vice versa).

Covered entities often require access to an injured worker’s health information to process or adjudicate claims, or to coordinate care under workers’ compensation systems. To manage the workers’ compensation claims, HIPAA Privacy Rule allows workers’ compensation insurers and other entities to obtain the necessary medical information. Depending on the state laws, disclosure of some medical information does not need a medical release/authorization, while others require permission. Most state laws allow subpoenas to obtain full medical records when needed.

According to the HIPAA Privacy Rule, covered entities

  • may disclose PHI to workers’ compensation insurers, State administrators, employers, and other persons or entities involved in workers’ compensation systems without the individual’s authorization
  • may disclose PHI to workers’ compensation insurers and others involved in workers’ compensation systems, where the individual has provided authorization for the release of the information to the entity
    • authorization is required for psychotherapy notes and to use the information for marketing purposes
    • authorization will not be considered as valid, if the document submitted has any defects such as – the expiration date has passed or the expiration event is known by the covered entity to have occurred, authorization has not been filled out completely or any material information in the authorization is known by the covered entity to be false
  • must limit the amount of PHI disclosed to the minimum necessary
    • to accomplish the workers’ compensation purpose
    • for payment purposes
    • to obtain payment for health care provided to an injured or ill worker
    • when requested by a State workers’ compensation or other public official
  • are not required to make a minimum necessary determination when disclosing protected health information as required by State or other law, or pursuant to the individual’s authorization.

When processing workers’ compensation claims, insurance companies may require an objective medical peer review to make an informed and proper decision. Workers’ compensation attorneys handling related lawsuits also need a comprehensive review of the medical records to ensure that the work-related injury or illness is well-documented in a claimant’s medical records.

Related Post:

leave a comment



    Powered by