HIPAA and Release of Information for MQSA Purposes

Discussion:

Implementation of the Health Insurance Portability and Accountability Act (HIPAA) has raised a number of issues with respect to mammography facilities that operate under the Mammography Quality Standards Act (MQSA). Three issues are arising with increasing frequency. The first concerns the protection of patient information during MQSA inspections. The second deals with whether other medical entities (e.g., referring physicians, pathology departments, surgeons) can release patient biopsy information to mammography facilities for purposes of their MQSA medical outcomes audit without obtaining patient authorization. The third deals with the transfer of medical records from one medical entity to another for treatment, payment, or healthcare operation purposes. The HIPAA regulations address these matters as follows:

Questions: 

1. Can facilities release patient information to an MQSA inspector without patient authorization?

2. Can medical entities such as referring physicians, pathology departments, and surgeons release patient biopsy information to mammography facilities for purposes of their MQSA medical outcomes audit without obtaining patient authorization?

3. Can a patient's medical records be transferred to another medical entity for treatment, payment, or healthcare operation purposes without obtaining patient authorization?