40% OFF Sale through January 23: COVID Clinical Best Practices. Use "CLINICAL40" coupon code in your shopping cart.
HIPAA Provider to Provider Communication

Providers often have a need to communicate with other providers to consult on patient care. HIPAA provider to provider communication is permitted under certain circumstances without prior patient consent.

HIPAA provider to provider communication refers to the communication of a patient’s current providers. It is not permitted to discuss patient information with providers that are not currently treating the patient without written consent from the patient.


HIPAA Provider to Provider Communication Without Patient Consent

HIPAA provider to provider communication is permitted, between a patient’s current providers, without prior consent except for the following:

  • Substance abuse treatment records maintained by a licensed substance abuse program. Substance abuse records in other treatment settings can be disclosed between providers without prior patient consent.
  • Written psychotherapy notes except under specific circumstances. The following are the circumstances in which use or disclosure of psychotherapy notes is permitted without prior consent:
    • To a coroner or medical examiner to identify a deceased person, determine cause of death, or other duties as authorized by law.
    • The use or disclosure is required by law and complies with relevant requirements of the law.
    • For its own training programs in which students, trainees, or practitioners in mental health learn under supervision to practice or improve their skills in group, joint, family, or individual counseling.
    • To defend itself in a legal action or other proceeding brought by the patient.
    • If the covered entity believes the use or disclosure:
      • Is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public; and
      • Is to a person(s) reasonably able to prevent or lessen the threat, including the target of the threat.

However, in addition to federal HIPAA provider to provider communication requirements, there are state regulations as well. There are some instances in which it is permitted to use and disclose a patient’s protected health information (PHI) under the HIPAA regulation, but the state’s laws may prohibit it. Where state laws are stricter than federal regulations, providers must abide by state disclosure requirements.

HIPAA Resources

Need assistance with HIPAA compliance? Compliancy Group can help! They help you achieve HIPAA compliance with Compliance Coaches® guiding you through the entire process. Find out more about the HIPAA Seal of Compliance® and Compliancy Group. Get HIPAA compliant today!

HIPAA Webinars:

HIPAA Provider to Provider Communication Without Patient Consent

Cyber Security: Top 5 Things You Can Do Tomorrow Morning to Protect Your Practice and Your Clients/Patients

Ransomware hackers attack smaller healthcare practices daily, creating serious data breaches and HIPAA violations. Are you and your clients/patients vulnerable, too?



HIPAA Provider to Provider Communication Without Patient Consent

Social Media and HIPAA Compliance: Protecting Your Practice in the Digital Age

Managing social media use and HIPAA compliance can lead to some of the most common misunderstandings faced by healthcare providers. Improperly trained employees can expose your organization to HIPAA violations and costly fines!



Disclaimer: The views and opinions expressed in the article and on this blog post are those of the authors. These do not necessarily reflect the views, opinions, and position of the Telebehavioral Health Institute (TBHI). Any content written by the authors are their opinion and are not intended to malign any organization, company or individuals.