What About Psychotherapy Notes?
The Privacy Rule defines psychotherapy notes as notes recorded by a health care provider who is a mental health professional documenting or analyzing the contents of a conversation during a private counseling session or a group, joint, or family counseling session. These notes are separate from the rest of the patient’s medical record.
Psychotherapy notes do not include any information about:
- Medication prescription and monitoring
- Counseling session start and stop times
- The modalities and frequencies of treatment furnished
- Results of clinical tests.
- Summaries of diagnosis
- Functional status
- Treatment plans
- Progress to date
- Information maintained in a patient’s medical record
Psychotherapy notes contain particularly sensitive information. These notes constitute the personal notes of the therapist – notes that that usually are not required or useful for treatment, payment, or health care operations purposes (other than by the mental health professional who created the notes)
Therefore, the Privacy Rule generally requires a covered entity to obtain a patient’s authorization prior to a disclosure of psychotherapy notes for any reason, including a disclosure for treatment purposes to a health care provider other than the originator of the notes.
What About Substance Abuse Disorders?
Generally, covered entities cannot use or disclose substance abuse and treatment records, without patient authorization.
There are two exceptions to this rule:
For the particular purpose of treating a patient with a substance abuse disorder, HIPAA permits disclosure of protected health information (PHI) without patient consent. PHI may also be used or disclosed without patient authorization to lessen a threat of serious and imminent harm to the health or safety of the patient or others.