Coordinating Patient Care in the HIPAA Era

Leslie Secrest, MD
Chairman of the Department of Psychiatry at Texas Health Presbyterian Hospital Dallas

In our final post discussing the effect HIPAA policy and regulations have on both individuals living with a mood disorder and their families, we look at the implications of sharing elements of mental health treatment as part of the electronic health record (EHR).

Coordinating Patient Care in the HIPAA Era

Protecting patient privacy has long been a vital, but complicated priority for mental health care providers. In guarding our patients’ privacy, we aim to defend against prejudicial or discriminatory care. We balance those concerns with the realization that a patient’s health could be jeopardized if other providers do not have access to the full health picture. Sharing elements of a mental health record is, at times, in a patient’s best interest.

With the advent of electronic health records (EHR), it has become easier to control who has access to a person’s mental health information, and who does not. For instance, the EHR system that my hospital uses allows me to restrict mental health information to only the providers that I name. Certain keywords in the notes also trigger automatic privacy settings.

When such precautions aren’t taken, however, (and they often are not), EHRs allow mental health information to be available across entire health systems. Access is even available to treating providers who have no medical reason to review psychiatric notes. [Read “Update on Electronic Health Records and Health Care Technology” by Steven R. Daviss, MD, in Psychiatric Times.]

Today’s mental health care providers are navigating a complex sea of privacy and patient-care issues, and I witness providers struggling with it on a near-daily basis. For example, in the acute-care setting where I practice, many patients have co-existing health conditions. These patients are often under the care of multiple physicians. As the treating psychiatrist, I have ability to select who is authorized to access mental health care information. Working collaboratively with the med/surg team, it is fairly easy to determine who has a need to know and who should be added to the treatment team.

There are cases, however, where an acute condition arises and the new provider is not named in the record. It is not difficult to add the provider to the record, but if not done, it can slow care. In limiting access to my patient’s full medical record, I sometimes limit my colleague’s ability to provide emergent care.

Another challenge is protecting the privacy of people who are not under our care. For example, most mental health assessments include a detailed family history. The patient record may contain information about a family member’s mental illness. That information may not add value to the medical record, and in most cases is not relevant to the medical care. But as part of the patient record, this family member information is available to whoever has access to that record.

An additional consideration is EHRs’ portability and very long life. Whatever information we put in the record will be available to many providers throughout the course of a patient’s life. I do not want a patient who is seen for a psychiatric concern to receive prejudicial treatment when he or she seeks unrelated medical care at a later date because of my notes in their record.

While it is possible to protect patient privacy without constructing barriers to care, it requires patience and consideration. I urge providers to be mindful of our patients’ privacy and encourage them to support one another as we work to strike this delicate balance.

Editor’s Note: In 2013, DBSA addressed this topic in an online survey to understand consumers’ views regarding coordination of Care between Mental Health and Physical Health Providers. The survey included both multiple choice questions to assess consumers’ preferences regarding specific issues and open-ended questions to explore consumers’ views and personal experiences.

Your Turn: What is your experience with coordination of EHR?

  • How do you ensure that inappropriate information is not included in the permanent EHR?
  • Have you experienced prejudicial treatment when being treated for an unrelated medical condition because too much information about your mental health treatment was in the EHR?
  • What are the circumstances in which you would want the psychiatric medical record available to clinicians treating you for a physical condition?
  • What protections need to be in place to keep family member information out of the EHR?
  • Are you concerned that this information could creep into your own permanent medical EHR?

[poll id=”19″]

Facebook Comments


So far, there is very little issue about patient privacy in the industry of long-term care. As long as the names of the patients are kept hidden by the private insurance, then there is very little to worry about. Over time, companies are finding more and more ways to use that private information and use it to their advantage (SOURCE: Marketers, advertisers, and business owners are among the few who would benefit from it. For example, a patient that has a leaked contact information can receive countless emails and phone calls every week. The products could range from long-term care insurance to medicinal pills to nursing facilities. That is why it is very important to keep all the patient information hidden and private. We don't want our senior patient being harassed by sales agent every 30 minutes, do we?


afish:  this is a very sensitive issue for patients and psych docs. psych,  docs must respect their patients requests.  With HIPPA and the new EHR which has become very costly for mental health providers, as a patient, one has the right to read their chart.  As a clinician, especailly when i was providing mental health services to the military and their families, even though these charts were separate, many military families were concerned that their mental health charts would become part of their other military chart.  I don't completely agree with Dr. Seacrest becuase the pt. and the doc can decide about the HIPPA law and who the patient wants to share their record with.  Further, the new coding system for mental health re: reimbursement is still in the early stages for those mental health providers who are accepting Medicare/Medicaid, they really need to be careful how they chart in order for them to be reimburse.  Regarding medical issues related to mental health tx., again this must be a decision between the psych doc and/or othere mental health provider and the patient.  As for myself, I have made it clear who can see my chart, myself included a d a HIPPA cont

mental health charting really needs to be very generic to avoid law suits and protection of us patients. Patients must and need to have control over these very important changes.



I strongly disagree with the psychiatrist being the one with the power to restrict information.  This power should belong to the patient as it's the patient's information.  Here's an example why this is important.  Years ago I saw a psychiatrist in a student health center.  Before I said anything to the psychiatrist I verified that the psychiatric records were kept separate from the general medical record, and I was told they were.  One day I walked in to the student health center to see an internist for a cold.  I mentioned symptoms I was having which included a sore throat.  The internist said in a sarcastic voice, "Well, why do you THINK you have a sore throat?"  I started to suspect at that moment that my psych records were not being kept separate, and I found out they were combined.  I have a history of bulimia, and the internist read about it in my psych records which led to his sarcastic comment. Had I been the one to control the information, I would have told the internist about my bulimia if and when I built a trusting relationship with him and felt it would be handled respectfully. The result of all that was that I stopped all further treatment at that university.  Because of this (and other reasons), I see a psychiatrist who uses an EMR that is not connected with other physicians.

Psych records need to be kept separate unless the patient has given consent for other physicians to read the information.  Combining the records can lead to problems and drive people away from care as it did in my case.


For me, this is the most interesting conversation we have held, yet. I think my experience has been colored by the fact that due to a breach years ago in my health record, I was "outed" to my insurance company. I was paying fee-for-service for psych med management, yet an Office Manager at my psychiatrist's office inadvertently sent in a claim with my mental health code to my insurance company. I was working in managed mental healthcare at that time, so I was very clear that the stigma of any serious mental illness was not one that I wanted. That being said, from that date and forward, I have been candid in my own disclosure, and even have managed to attain a long-term care insurance policy, for example. I have been honest about my meds and my diagnosis, as I do not want any form of error related to drug interactions etc…

Overall, I feel that EHR's should share information regarding medications, for example, yet I like the idea of the psychiatrist being able to select who is authorized to access the information.

In terms of emergent care, there needs to be an advance plan in place. Is there any way to "tier" how access to information may be used? By this I mean, is there a way to disclose information under varying urgent versus emergent situations? I know provider groups and health providers are often tiered by insurance companies as it relates to their areas of expertise etc… Perhaps EHR's could be triggered by a certain provider or provider group needing to provide very specific types of care. 

Finally, I think providers often disclose information to one another, anyway. Formal systems often show how confidential information can be breached and stigma can be applied, but in my experience, this happens anyway. Providers tend to talk about client information, regardless. I do not appreciate that, yet have heard casual conversations regarding mental health records in numerous settings. I have heard this as an Administrator, as a licensed chemical dependency counselor and as an insurance agent. 

This is more of a concern than I think most people realize and I am glad to see it being addressed. 


The only time EMR should include psychiatric info. is when patient's condition threatens violence to self &/or others. This is related to the "mandated reporter" law in my state - California. In my opinion, the saving of life is a core principle of ethics. That and that alone should determine what information is shared with the family or anyone else in the community.

As for prejudicial treatment in my individual situation, the only biases I have received so far against my mental health information have come from my family of origin and from my ex-husband.  In both cases, the information my providers and I shared with them openly was either denied or a basis of fear and rejection. The irony is that the top two deniers or distancers from my condition are an m.d. (non-psychiatric) and a ph.d. (psychologist).

Wish we could train medical students and mental health students more effectively to consider the mental health patient's point of view and the prejudices faced from family to community to state and beyond... 


My psychiatrist's EMR is not connected with any other physicians I see, and I will continue to see him as long as that remains the case.  I work in health care and have seen how information contained in psychiatric records can harm patients who are seeing other physicians- i.e. they aren't taken seriously.  I share very limited information about my mental health history (i.e. diagnosis of depression & medications I take) with physicians I see, but I don't even share that with all physicians I see.  For example, the dermatologist doesn't know anything about my mental health history because they don't need to know - they've only given me topical medications so there is no need to know what medications I take systemically.  No risk of interaction.  If they do decide to give me a medication that is oral or IV, then I may rethink that - but for now there is no need for them to know. I don't want my physician being the one who decides what information is shared.  That's my decision, and I want to remain the one who controls that.


@boudiceatx Absolutely yes! I've made many mistakes sharing information with family members and "friends". The stigma of mental illness or brain disorders will unfortunately last longer than that of alcoholism or drug addiction, which often occur together. In my case, I did not inherit the drinking problem in my family but rather my dad's, uncle's, and cousin's bipolar condition. Just as autism has become a spectrum, I think addictive disorders of emotions and relationships need to become a spectrum too.


  1. […] recent article, Coordinating Patient Care in the HIPAA Era, gives great clinical examples and insights into the value provided by EHR and HIPAA to help mental […]