HIPAA Provider to Provider Communication, HIPAA

HIPAA Provider to Provider Communication


Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker.

Providers often have a need to communicate with other providers to consult on patient care. HIPAA provider to provider communication is permitted under certain circumstances without prior patient consent.

HIPAA provider to provider communication refers to the communication of a patient’s current providers. It is not permitted to discuss patient information with providers that are not currently treating the patient without written consent from the patient.

HIPAA Provider to Provider Communication Without Patient Consent

HIPAA provider to provider communication is permitted, between a patient’s current providers, without prior consent except for the following:

  • Substance abuse treatment records are maintained by a licensed substance abuse program. Substance abuse records in other treatment settings can be disclosed between providers without prior patient consent.
  • Written psychotherapy notes except under specific circumstances. The following are the circumstances in which use or disclosure of psychotherapy notes is permitted without prior consent:
    • To a coroner or medical examiner to identify a deceased person, determine the cause of death, or other duties as authorized by law.
    • The use or disclosure is required by law and complies with relevant requirements of the law.
    • For its own training programs in which students, trainees, or practitioners in mental health learn under supervision to practice or improve their skills in group, joint, family, or individual counseling.
    • To defend itself in a legal action or other proceeding brought by the patient.
    • If the covered entity believes the use or disclosure:
      • Is necessary to prevent or lessen a serious and imminent threat to the health or safety of a person or the public; and
      • Is to a person(s) reasonably able to prevent or lessen the threat, including the target of the threat.

However, in addition to federal HIPAA provider-to-provider communication requirements, there are state regulations as well. There are some instances in which it is permitted to use and disclose a patient’s protected health information (PHI) under the HIPAA regulation, but the state’s laws may prohibit it. Where state laws are stricter than federal regulations, providers must abide by state disclosure requirements.

Basic Telehealth Legal & Ethical Rules: HIPAA, Privacy, Working Across State Lines, Malpractice Insurance

Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!

Disclaimer: Telehealth.org offers information as educational material designed to inform you of issues, products, or services potentially of interest. We cannot and do not accept liability for your decisions regarding any information offered. Please conduct your due diligence before taking action. Also, the views and opinions expressed are not intended to malign any organization, company, or individual. Product names, logos, brands, and other trademarks or images are the property of their respective trademark holders. There is no affiliation, sponsorship, or partnership suggested by using these brands unless contained in an ad. We do not and cannot offer legal, ethical, billing technical, medical, or therapeutic advice. Use of this site constitutes your agreement to Telehealth.org Privacy Policy and Terms and Conditions.

Notify of
Inline Feedbacks
View all comments
Would love your thoughts, please comment.x