One view is that for routine cases requiring outpatient treatment, health plans should not need more than the basic administrative data that was required for fee-for-service medicine, such as patient identification information; clinician identification information; procedure code; charges; and dates, type, and location of service. Three of the provider association representatives support this view, as does a privacy expert who is a clinician. Some of the justification we heard for this view follows.
Effective treatment depends upon complete trust between the patient and provider, and strict confidentiality is essential to that trust. Therefore, “compromising,” whereby the provider gives up some personal health information to health plans, if not all that the health plans might wish for, is not in the best interest of the patient and therefore conflicts with the ethical standards of the professions. Since HHS intends HIPAA regulations to be consistent with professional standards, the idea of providing only administrative data is consistent with the “minimum necessary” information clause in the regulations. This view was expressed by a provider association representative who, among all of our provider association respondents, has been one of the most active in lobbying on privacy issues.
A second line of reasoning expressed by some provider respondents is that health plans would need extremely detailed clinical information, much more than is currently requested, in order to second-guess clinical judgment about a case. According to one clinician, “particularly in psychotherapy, there are always going to be differences of opinion regarding the necessity of treatment. MCOs may say they need hundreds of items of information on a patient to authorize treatment, but there is no scientific basis for their requests.” Such second-guessing is neither a realistic nor an appropriate goal for health plans on a routine basis, it is argued. Therefore, health plans should not routinely request more than the basic administrative information noted above.
Two provider association respondents that subscribe to the “administrative information only” view said that, in reality, managed care plans only or primarily use the information they collect to find ways to deny claims. Because the information is not therefore being collected in the patient’s interest, it should not be shared with health plans at all.
Also, several providers of addiction services stated that, given the nature of addiction, patients would not be seeking treatment unless they really needed it; therefore pre-authorization is wholly inappropriate. One such provider deals exclusively with Medicaid patients in a program that has no pre-authorization requirement for addiction services.
"MHPrivacy.pdf" (pdf, 768.25Kb)
"appen-b.pdf" (pdf, 224.4Kb)