Information Blocking Rule Requirements for Part 2 Data in Patient Portals

Considerations for Entities that Maintain Part 2-Protected Data

CoE-PHI resource that describes the Information Blocking Rule and explains that it does not preempt stricter privacy laws and regulations such as 42 CFR Part 2.

Key Points

  • Information blocking includes practices that would “interfere with, prevent, or materially discourage the access, exchange, or use of electronic health information.”
  • Following a legal requirement to obtain patient consent for a disclosure meets the “privacy exception” in the Information Blocking Rule and is not considered information blocking.
  • If a portal cannot segment Part 2-protected records or prevent a patient’s proxy from unconsented access to such records, the healthcare provider should not share Part 2-protected records on the portal.

Related Resources