Health Insurance Portability and Accountability Act (HIPAA)
Federal regulations mandated by the Health Insurance Portability and Accountability Act (HIPAA) went into effect in 2003. One
of the goals of HIPAA is to protect the privacy of health records used and disclosed by covered entities, which include
health care providers, health care clearinghouses and health plans. The HIPAA regulations require covered entities to obtain authorization
from an individual before disclosing health information about that individual. This authorization requirement does not apply to
disclosure of health information for purposes of workers compensation.
The Workers Compensation Exception
The HIPAA regulations specifically allow covered entities to disclose health information as authorized by, and to the extent
necessary to comply with, workers compensation laws (45 CFR § 164.512). Kansas workers compensation law and regulations require
health care providers to provide health information to employers, insurance carriers and the Director of Workers Compensation
without the injured worker's authorization (K.S.A. 44-515; 44-557a, K.A.R. 51-9-10;
51-9-16). Therefore, a health care provider may disclose health information related to a workers compensation claim to the parties
involved in the claim, or to the Division of Workers Compensation without the patient's authorization and such disclosure will not
violate the HIPAA regulations.
HIPAA regulations do require that health care providers develop a privacy notice for patients (CFR 45 § 164.520). The division
recommends that such notice include an advice that medical records can be disclosed to employers, insurance companies and the division
for purposes of workers compensation claims.
The following websites may be helpful for more detailed information on HIPAA:
Department of Health and Human Services HHS Administrative Simplification and
Disclosures for Workers Compensation Purposes
Office of Civil Rights Health Information Privacy
American Medical Association CPT Coding, Billing and Insurance: Health Insurance Portability and Accountability Act
Disclaimer: This page is intended to provide general information about HIPAA regulations, as of the date of writing.
Regulations are subject to change. This page does not contain legal advice.