DataBreaches.Net

Menu
  • About
  • Breach Notification Laws
  • Privacy Policy
  • Transparency Report
Menu

Do Patients Have Access to Therapy or Personal Notes?

Posted on April 20, 2008October 24, 2024 by Dissent

Donna Vanderpool, M.B.A., J.D., assistant vice president for risk management at PRMS Inc., has an article in the April 18 issue of Psychiatric News. Here’s part of the article:

HIPAA’s Privacy Rule permits covered psychiatrists who choose to keep psychotherapy notes to deny patients access to those notes. The Privacy Rule definition of psychotherapy notes is “notes recorded (in any medium) by a health care provider who is a mental health professional documenting or analyzing the contents of a conversation during a private counseling session or a group, joint, or family counseling session and that are separated from the rest of the individual’s record.”

The following information is considered part of the medical record and is excluded from the definition of psychotherapy notes: medication prescribing and monitoring; counseling session start and stop times; modalities and frequencies of treatment furnished; results of clinical tests; and any summary of diagnosis, functional status, treatment plan, symptoms, prognosis, and progress to date. According to the Department of Health and Human Services (HHS), the agency that enforces the Privacy Rule, psychotherapy notes are limited to information that psychiatrists keep separate for their own purpose and that contains sensitive information relevant to no one else. HHS equates psychotherapy notes with process notes.

It is important to keep in mind, however, that although the Privacy Rule allows psychiatrists to deny patients access to psychotherapy notes, it also states that patients may authorize the release of their psychotherapy notes to a third party such as an attorney, another provider, or even a friend, and that psychiatrists must comply with this authorization.

State laws differ regarding patient access to their medical records. In some states, patients have access to the entire record; other states prevent patients from accessing therapists’ “personal notes” (or similar term). Additionally, some state laws may have other requirements for restrictions on the use and disclosure of these “personal notes.”

The issue of which law to follow (state or federal) will ultimately be determined by the courts. Until this issue has been resolved, the following provides a starting point for analyzing questions about patient access to psychotherapy notes. Because this is a complex and developing area of the law, an attorney should be consulted for specific legal advice.

Read the full article at Psychiatric News

Category: Health Data

Post navigation

← Is the Medical Establishment the Best Guardian of Your Medical Data?
UK: Court sent me people's secret files →

Now more than ever

"Stand with Ukraine:" above raised hands. The illustration is in blue and yellow, the colors of Ukraine's flag.

Search

Browse by Categories

Recent Posts

  • ConnectWise suspects cyberattack affecting some ScreenConnect customers was state-sponsored
  • Possible ransomware attack disrupts Maine and New Hampshire Covenant Health locations
  • HHS OCR Settles HIPAA Security Rule Investigation of BayCare Health System for $800k and Corrective Action Plan
  • UK: Two NHS trusts hit by cyberattack that exploited Ivanti flaw
  • Update: ALN Medical Management’s Data Breach Total Soars to More than 1.8 Million Patients Affected
  • Russian-linked hackers target UK Defense Ministry while posing as journalists
  • Banks Want SEC to Rescind Cyberattack Disclosure Requirements
  • MathWorks, Creator of MATLAB, Confirms Ransomware Attack
  • Russian hospital programmer gets 14 years for leaking soldier data to Ukraine
  • MSCS board renews contract with PowerSchool while suing them

No, You Can’t Buy a Post or an Interview

This site does not accept sponsored posts or link-back arrangements. Inquiries about either are ignored.

And despite what some trolls may try to claim: DataBreaches has never accepted even one dime to interview or report on anyone. Nor will DataBreaches ever pay anyone for data or to interview them.

Want to Get Our RSS Feed?

Grab it here:

https://databreaches.net/feed/

RSS Recent Posts on PogoWasRight.org

  • Home Pregnancy Test Company Wins Dismissal of Pixel Wiretapping Suit
  • The CCPA emerges as a new legal battleground for web tracking litigation
  • U.S. Spy Agencies Are Getting a One-Stop Shop to Buy Your Most Sensitive Personal Data
  • Period Tracking App Users Win Class Status in Google, Meta Suit
  • AI: the Italian Supervisory Authority fines Luka, the U.S. company behind chatbot “Replika,” 5 Million €
  • D.C. Federal Court Rules Termination of Democrat PCLOB Members Is Unlawful
  • Meta may continue to train AI with user data, German court says

Have a News Tip?

Email: Tips[at]DataBreaches.net

Signal: +1 516-776-7756

Contact Me

Email: info[at]databreaches.net

Mastodon: Infosec.Exchange/@PogoWasRight

Signal: +1 516-776-7756

DMCA Concern: dmca[at]databreaches.net
© 2009 – 2025 DataBreaches.net and DataBreaches LLC. All rights reserved.