Ohio clarifies doctor role in patient privacy

Doctors can defend patients' privacy rights for them, and HIPAA doesn't preempt a stricter state law, an Ohio appeals court decides.

By Amy Lynn Sorrel, AMNews staff. Feb. 13, 2006.

Patient privilege belongs foremost to the patient. But what is a physician allowed to do to protect that privacy when he or she is whisked into a lawsuit by a court order for medical records?

A December Ohio appeals court ruling affirmed that under the state's law, doctors can defend patients' privacy rights for them as a third party, and that HIPAA does not preempt a more stringent Ohio law protecting medical records.

Doctors and attorneys say the ruling broke a long-held precedent in Ohio that the patient is the exclusive guardian of physician-patient privilege and that doctors could not step in on their behalf. But they also say the issue puts doctors in a predicament. Because of differences in some states' medical records privacy laws compared with the federal rules, physicians risk violating one or the other when determining whether to produce privileged information after receiving a subpoena or court order.

"Our client was being forced into breaching the physician-patient relationship and violating their responsibility to maintain the records as private," said defense attorney Brian Butler, who represents Northeast Ohio Nephrology Associates.

Plaintiff's attorneys had argued that state law allowed only the patient, not her doctors, to intervene to protect her medical records and that federal HIPAA regulations superseded state law to let protected health information be disclosed with a valid court order, according to court documents. The attorneys declined to comment because the case is still in litigation.