View Page As PDF
Share Button
Tweet Button
Many of our healthcare clients, particularly laboratories, utilize sales and marketing representatives to assist them in expanding their healthcare businesses, and many of these representatives are actively engaged in customer service activities, assisting referring providers with questions or issues that might arise from time to time. Occasionally, in the course of these customer service activities, sales and marketing representatives may be requested by referring providers to follow up on the care of a specific patient, or the sales and marketing representatives may wish to prepare summaries of patient services on a proactive basis to assist referring providers.

Covered entities should be very cautious with providing sales and marketing representatives with access to protected health information (PHI) because, as a general matter, there is no reason for these representatives to have access to PHI. Even within the covered entity’s own workforce, access to PHI must be pursuant to a specific HIPAA exception or covered by a HIPAA compliant patient authorization. Members of covered entity’s workforce are not under any blanket permission to access PHI.

If a referring provider wishes assistance on the healthcare records or results of testing for a particular patient, it is advisable for the sales and marketing representative to pass this request along to the appropriate individual within the covered entity, rather than directly access the patient record himself or herself. Furthermore, sales and marketing representatives should not proactively review patient healthcare records or patient billing records (which contain PHI) unless a specific HIPAA exception exists to protect the activity.
COMMENT
+