Part 2: Basic Patient Rights (FAQ 53 of 65)

Right to Request Restrictions on Uses and Disclosures

53. Why is the Right to Request Restrictions Almost Meaningless?

The rule does not require a covered entity to agree to a restriction requested by a patient. The covered entity does not have to agree even if the patient's request is reasonable. Contrast this provision with the right to request confidential communication. A covered entity must agree to a reasonable request for confidential communication. However, if you ask for a restriction on use or disclosure, the covered entity does not have to agree, does not have to state a reason for denying a request, and does not have to even respond to your request. Because it is a patient right without a corresponding obligation on the part of a covered entity, we conclude that the right is almost meaningless.

It gets worse. The rule expressly provides that some restrictions that an institution might agree to are not effective. These are uses or disclosures that are permitted for facility directories (separate rules govern facility directories), to the Department for oversight of the rule, or for any of the scores of other permissible disclosures allowed under the law. Thus, if an institution agrees to your request not to make a discretionary disclosure to the CIA, that agreement is not effective under the rule. Luckily for patients, the lack of effectiveness of the limit on disclosure may also be meaningless. It just means that the Department won't take enforcement action for a violation. That's not a big deal right now since the Department has shown no appetite for enforcing the rule. The patient may still be able to enforce an agreement through a complaint about professional misconduct or through a legal action for breach of contract. This is all rather hypothetical because it will be hard to convince any covered entity to agree to your request in the first place.

Jump to list of FAQs 1-65 | See all of Part 2