Information Blocking Rule Requirements for Part 2 Data in Patient Portals
Considerations for Entities that Maintain Part 2-Protected Data
CoE-PHI resource that describes the Information Blocking Rule and explains that it does not preempt stricter privacy laws and regulations such as 42 CFR Part 2.
- Information blocking includes practices that would “interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information.”
- Following a legal requirement to obtain patient consent for a disclosure meets the “privacy exception” in the Information Blocking Rule and is not considered information blocking.
- If a portal cannot segment Part 2-protected records or prevent a patient’s proxy from unconsented access to such records, the healthcare provider should not share Part 2-protected records on the portal.