Privacy act adding to police work

Sunday, October 5th 2003, 12:00 am

By: News On 6

TULSA, Okla. (AP) -- Federal regulations designed to keep a patients' medical information confidential are limiting the amount of information hospitals and medical providers can legally give to police.

The Health Insurance Portability and Accountability Act went into effect on April 14. The rules mandate that health providers, insurance companies and pharmacies not disclose patients' medical information without their permission.

But Oklahoma homicide investigators say medical service providers, including the Emergency Medical Services Authority, can no longer provide specifics of a wound without a patient's consent -- something that can be difficult for medics treating a gunshot patient in the field to get.

"EMSA won't tell us if there's an exit wound now, so we can never tell if we need to look for a bullet or not," Tulsa Police Cpl. Gene Watkins said.

Homicide detectives in Watkins' unit have been especially affected in their ability to get information on violent crime victims via phone, Watkins said.

"The hospitals won't tell us status (over the phone) anymore," he said. "When a detective calls to follow up on a patient, they won't even tell us if they're there."

The rules have had a particular impact on limiting information given to news organizations that routinely call hospitals to learn conditions of people injured in crimes, car accidents and other newsworthy events. But police and patients' families have also been affected.

Under the Tulsa Hospital Council's policy on HIPAA, anyone wanting information about a patient must have a patient's correct name, and the only information the hospital can give over the phone -- if the patient has given consent -- is whether that person is a patient at that hospital and the person's condition -- good, fair, serious or critical.

If a patient is not able to say yes or no, as in the case of emergency surgery or unconsciousness, most hospitals will not release any information.

Families won't be able to get much more than a patient's condition over the phone, because medical service providers, under HIPAA, are obligated to verify a person's identity before releasing any information.

Law-enforcement agencies still have traditional avenues, such as search warrants, to eventually get the medical information needed about crime victims. But waiting to go through the system that way can cause detectives to lose valuable time at crime scenes, Watkins said.

EMSA has special consent forms for its patients to sign and preset criteria and rules for determining what information to release to family members of patients.

For media, the agency will provide certain information that does not disclose a patient's identity, including gender and age in some cases, one-word descriptions of patient conditions, the general nature of the call, time and general location.

Tulsa County Sheriff's Chief Deputy Brian Edwards said his department experienced problems with HIPAA mostly in the first few days it was in effect.

"At first, the biggest obstacle was if we were calling around to hospitals trying to find someone possibly injured in a crime or to find someone who may have committed a crime and been injured while committing it," Edwards said.

"Now it's more difficult, because we have to have a name. But it hasn't created anything we can't overcome; it just takes a little time."