The Bottom Line 

As ScanSTAT acts as the medical records custodian for our clients, we are subject to HIPAA and other regulations as they apply to care providing covered entities. Our stance on these regulations such as GINA are not meant to place undue burden or liability on any undeserving entity. Rather, ScanSTAT seeks to advise all healthcare providers of best practices related to maintaining compliant workflows and high-quality patient care.

How Did We Get Here? 

The Genetic Information Nondiscrimination Act (GINA) of 2008 is another regulatory standard which must be interpreted and applied to the realm of electronic health records (EHR). GINA dictates that insurance providers may not take into consideration the genetic history of a coverage applicant or customer when making decisions regarding that individual’s qualifications. This FAQ is a summary of the position held by ScanSTAT Technologies regarding which organization is responsible for ensuring that genetic information is not part of the decision making process for insurance companies.

Burden of Nondiscrimination

While operating under the regulatory standards of HIPAA and GINA, ScanSTAT will disclose all requested records that accompany proper patient authorization to health plan providers. Should a record containing genetic information be requested and released to a health plan provider, the responsibility for ensuring that said information is not used for discriminatory purposes rests with the entity in receipt of the records. ScanSTAT Technologies operates under no obligation to remove, redact, or otherwise prevent the disclosure of a patient’s genetic information beyond the HIPAA compliant workflows already in place to prevent wrongful disclosure of Protected Health Information (PHI). ScanSTAT’s approach on this matter is easily justifiable when considering that GINA applies specifically to the underwriting practices of health plan providers. It is unreasonable for health plan providers to expect all other covered entities to execute editorial practices regarding the transfer of fully authorized PHI. However, ScanSTAT has implemented workflow adjustments in order to maintain streamlined and fair records release processes.

What to expect from Requesters

ScanSTAT’s stance regarding the burden of ensuring that genetic information is not used in a discriminatory fashion by the health plan is the burden rests with the requesting entity. Reasonable effort can be made by the record custodian to inform the requester that genetic information may be contained in the records, however, it would place an undue burden on the records custodian to audit the complete record for prohibited information.

Patient Authorization for Release

ScanSTAT will only release a medical record with the proper patient authorization accompanying the request. GINA in no way prevents a records custodian from releasing the requested record when accompanied by this patient authorization, even when the record contains genetic information. ScanSTAT is under no obligation to seek further clarification from the patient regarding the release of information that might contain genetic information.

If a Patient Restricts Their Genetic Information 

Should a patient submit documentation that they wish to restrict the release of their genetic information from being transferred to a requesting third part, ScanSTAT will follow their instructions. In such a situation, since documentation and charting protocols vary greatly by the provider, we may ask a provider to review the records in order to provide assurance that no genetic information is released. ScanSTAT does offer, at an additional charge, the option to have one of our clinicians review the document on behalf of the organization.