Florida Clinical Labs Must Now Give Patients Direct Access to Their Laboratory Test Results

Posted on by

lab testingBy: David Hirshfeld 

In an effort to help individuals access their health information so that they can become more actively involved in managing their own health care, several agencies within the Department of Health and Human Services promulgated a rule that modifies the Clinical Laboratory Improvement Amendments (“CLIA”) and the Health Insurance Portability and Accountability Act (“HIPAA”) in a way that supersedes Florida State laws governing the disclosure of laboratory test results directly to patients.

Beginning October 4, 2014 clinical labs that are “covered entities” within HIPAA must provide identifiable test results directly to patients or their personal representatives upon request.  Until now, in Florida patients were unable to access their test results directly from labs without the consent of the person who requested the test.[1]

Under the existing CLIA regulation, a lab is only allowed to disclose its test results to: (i) individuals authorized under state law to order or receive test results, or both (so-called “Authorized Persons”); (ii) the person responsible for using the test results to treat the patient; or (iii) the lab that had originally requested the test.[2]  By virtue of Florida law, Authorized Persons did not include the patient from whom the specimen was derived (with the exception of individuals who submit their own blood pursuant to a home access HIV test kit).[3]

Under the amended CLIA regulation, labs may provide the patient, the patient’s personal representative, or a person designated by the patient, with copies of complete test reports that can be identified as belonging to the patient.[4]  The identification requirement is important so as to not to upset laboratories’ ability to conduct and protect anonymous testing.  The amended language of the CLIA regulation uses the word “may;” and thereby permits, but does not require, labs to provide results directly to patients.  However, the new CLIA regulation must be read in conjunction with the amended HIPAA privacy rule.

The existing HIPAA privacy rule excepts clinical laboratories from the types of health care providers that must give patients direct access to their records.[5]  The amended privacy rule removes this exception so that clinical laboratories will be obligated to provide patients, or their personal representatives, access to their protected health information upon request.  The privacy rule only imposes this obligation upon “covered entities.”  A laboratory is a “covered entity” if it performs at least one covered transaction electronically, such as transmitting health care claims to a health plan, requesting prior authorization to provide a service from a health plan, or confirming the membership of a patient in a health care plan.

These amendments to the CLIA regulations and the HIPAA privacy rule are the government’s latest step in its effort to empower patients to take a more meaningful role in their own health care.  Clinical lab providers are advised to revisit their compliance plans so that they are ready evaluate and respond to patients requests for protected health information prior to the October 4, 2014 implementation date of these important new rules.

[1] F.A.C. 59A-7.028(5)(e) and (7)(b)

[2] 42 CFR 493.1291(f) and 493.2

[3] F.S. §483.181(1) and (2); and F.A.C. 59A-7.028(5)(e) and (7)(b)

[4] 79 FR 7290

[5] 45 CFR 164.524(a)(1)(iii)(A) and (B)

4 thoughts on “Florida Clinical Labs Must Now Give Patients Direct Access to Their Laboratory Test Results

  1. Definitely a step toward transparency and patient empowerment … and how many times have we waited for test results to be communicated, only to have to call the doctor ourselves to see if they are in? On the other hand, the usefulness of this decision will hinge upon how the results are presented: with/without interpretation, for example. A value is just a value without knowing the normal range, a baseline, etc. Could lead to panic or complacency, depending upon the situation, both of which can be dangerous.

    Reply

    • Florida regulation already requires that “normal” ranges be made available to the authorized person who ordered the test or the individual responsible for utilizing the test result. Now that the Federal law defines “authorized person” to include the patient who is the subject of the test, and since it would avoid time consuming follow-up contact by patients, I anticipate that labs will provide the “normal” ranges to the patients along with the test results. – David

      Reply

  2. That seems helpful on the face of it. But let’s take it a few steps further. Say I’m suffering from extreme fatigue. My PCP orders a full slate of blood tests, some have quick results while others take longer. I check periodically to see all of my results, and all are indicated as “normal.” What now? I still want to know what’s causing my extreme fatigue. So, I call my PCP to speak with him/her or the nurse, likely having to leave a message and hope for a callback, probably having to go back for further exam or get orders for further tests. In other words, a normal test result does not necessarily preclude further conversation or follow-up; it’s just another data point for my PCP to weave into a bigger picture. So I can see that this is a step in the right direction and seems empowering (particularly if we’re talking about routine follow-up tests done on a regular basis), but the jury may still be out on the magnitude of the practical benefits.

    Reply

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s