I am thinking about asking one of my therapists to show me the records/notes he has taken about me. Before doing so though, I would like to know what exactly my and his legal rights are regarding this. I've been reading about it online but the info is quite confusing and also suggests it may depend on individual states (I'm in the US).

Could anyone help point me in the right direction and/or share personal experiences? I know there was discussion on therapy notes before here on PC but I recall more from the point of view of whether it's useful for the client to see the records. I am certain I would like to see them but am not sure what I can and cannot ask/push.
Thank you.

[atisketatasket]

Having just had a communication from the DHHS about this in relation to my Smaug complaint...If it's his actual therapy notes, he does not have to release them under HIPAA. You have a right to the rest of the paperwork, but he can withhold notes, though within 30 days of the receipt of a written request for them, he has to tell you why he will not give them to you and it must be a "compelling reason." You can appeal that reason to his licensing board.

States may have their own laws but HIPAA must be followed. If you want the exact HIPAA reference, I can post it when I get home.

[junkDNA]

Some places like institutions and clinics and even hospitals will charge a fee

This is a therapist in private practice.

Quote:

Originally Posted by atisketatasket

If you want the exact HIPAA reference, I can post it when I get home.

Yes that would be helpful, thanks. Any reliable information would be good, I want to be informed before I raise anything.

Some info on why I plan to do this. I would not get into any formal complaint or reporting, but this is a T who has been repeatedly very messy and sloppy with administrative things (keeping/not keeping track of my cancellations, session dates, screwing up insurance claim forms more often than not) and has a tendency to become very defensive when I question him and complain, jump to conclusions about me without listening etc. I am less interested in the content of his notes (although that as well) than the way he actually keeps them.

So one could ask why I spend my time with such a person. I actually stopped seeing him over a year ago due to similar things and others, then worked with another T that was always very on top of things and never blamed me. I recently had a few sessions with this first one, originally because he invited me back to discuss our past conflicts, and at this time I was interested in tapping into it. But now we ran into similar issues and got the same reaction from him, so I am motivated to explore this further because I feel I get something out of it for myself to not let him mess with me. Recurring sloppiness due to lack of effort is something that tends to irritate me a lot and it's interesting to investigate why I have such strong reactions, but I would prefer to work with some more evidence if possible. He seems to encourage me to do this type of work but I have not asked about the notes yet.

[atisketatasket]

This is the simplified text of HIPAA regulations I used in my complaint. I think you want 164.524, but if you search the whole document for "notes" you will find other references.

HHS also has this helpful page on HIPAA for individuals and professionals.

I didn't actually file a complaint with HHS myself, my state medical board forwarded it to them after I cited HIPAA in my complaint to them. Something interesting I discovered in the course of making my complaint to the state board is that it is hard for a provider to claim HIPAA privileges for protection for notes if the provider has not taken care to keep notes and other health information separate. Which may well be the case with your disorganized t.

And a workaround would be to get T2 to ask T1 for notes, with your authorization. Professionals are more likely to share notes with other professionals. In my case, Smaug would not give me her notes - actually she would not give me any records at all - but she would give them to DBC, which is how I knew to include her unprofessional standards of notes (errors, etc.) in the complaint as well.

[luvnola]

I've requested records from a t in private practice. She released records, but none of her notes. She said the notes could be damaging (whatever that means) and for my safety she wouldn't release them to me.

I requested them from another t who released everything to me. Her notes only indicated my current emotional state (not her opinion on it, but what i had told her I was feeling) Getting notes from this t made me wonder what in the world the other t had written. I actually think either she didn't have notes or they weren't professional or something and that's why she didn't really release them. At the time I did check in to it with an attorney (a friend) who said she didn't have to release her notes if she thought it would do me harm, but I could get another t to request them for me if I wanted.

I would prefer not to involve the other therapist in this, that would be too much complication and I would rather keep them separate. Even just seeing his reaction to my request would be interesting to me though, I think.

I've looked at the difference between "psychotherapy notes" and "records" - so if I understand correctly, the records contain billing info and medical records (I did not have any medical treatment with him, just talk therapy) and the notes would be his observations about me and my treatment? He never took notes during sessions and generally seems to have a rather poor and selective memory about what was discussed, he even said he does not remember a big fight between us around one of the insurance forms, which sounds quite unbelievable but bizarre at minimum. I think I would be interested in requesting both, actually the records about sessions and billing might be even more informative because that sort of administration and keeping track was the very messy and what annoyed me and I complained about.

[Wonderfalls]

According to HPAA doctors must give you a reason if they do not supply medical information to you within a certain deadline. Psychotherapists' notes are exempt--they don't have to explain why they won't give them up to you. Some therapists make notes after the session for their own protection--if the client commits suicide for instance and they are sued.

[ShashaCruz]

why would you want these notes self assessment?

[atisketatasket]

Quote:

Originally Posted by Xynesthesia

I would prefer not to involve the other therapist in this, that would be too much complication and I would rather keep them separate. Even just seeing his reaction to my request would be interesting to me though, I think.

I've looked at the difference between "psychotherapy notes" and "records" - so if I understand correctly, the records contain billing info and medical records (I did not have any medical treatment with him, just talk therapy) and the notes would be his observations about me and my treatment? He never took notes during sessions and generally seems to have a rather poor and selective memory about what was discussed, he even said he does not remember a big fight between us around one of the insurance forms, which sounds quite unbelievable but bizarre at minimum. I think I would be interested in requesting both, actually the records about sessions and billing might be even more informative because that sort of administration and keeping track was the very messy and what annoyed me and I complained about.

Yes. I also think any administrative paperwork like permission to talk to another provider would fall under records. And actually I would agree with the usefulness of non-notes: Smaug's lousy financial record-keeping is another reason she is in trouble.

By the way, my former therapist DBC gave me this explanation on notes and requesting them once. I trust her on this because she was on our state's mental health professional ethics board until just last year.

"Every professional must either give you your notes when you request them in writing, or, within 30 days, notify you in writing that they are choosing not to and why. Under HIPAA, if a professional thinks the notes would be harmful to the client, they can refuse, in writing to give them. However, a client could still pursue a subpoena or court order as the records technically belong to the client and the provider is merely the custodian of the records. If the professional still thought the notes would harm the client, they are welcome to refuse a subpoena or court order and risk a fine or jail time to keep the records from the client."

So according to her there is no difference between professionals - it makes no sense that there would be a distinction between doctors and therapists in this area.

[Ididitmyway]

It depends on the state's laws.

I did ask almost all therapists I'd seen for the copies of my records and I received them every time. In CA where I live, therapists are obligated to provide either the copies of the clients' records or their summary or an access to the file at their office upon the client's written request. As long as you put your request in writing they can't refuse you to see your records in CA unless, as the law states, they believe it'd be detrimental for your well-being to see them, but I haven't heard of a case where the therapist would refuse giving the client access to the records on that basis.

I'd suggest you to call the licensing board in your state and ask them about your rights in regards to seeing your records. Talk to a real person on the phone instead of searching their website. A lot of relevant information on those websites is missing so get someone on the phone to answer your questions.

[Ididitmyway]

As far as "records" vs. "notes", I, again, can only speak of my state and only about practitioners who are in private practices and aren't covered as HIPPA entities, as I was only dealing with those. In those cases, there was no difference between the records and the notes. Whatever information I requested was provided to me. I was interested to see the actual notes and the dates of the session. At one time I received the copies of all the notes for 1.5 year period I was seeing one therapist, all dated, just as they were written originally. On two other occasions I received the summary of the notes for a certain time period with the dates marking the beginning and the end of therapy. In CA a therapist has a choice of how to give clients access to their file. They can choose to provide with copies of the notes/records (these terms are used interchangeably in this case) or with the summary or to allow clients to examine their file in their office. It's the therapist's call how to do that but one way or another they are required to give access to the information the client is interested in. They can, however, charge you for the time it takes them to write up the summary of the records if they choose to do it that way.

[atisketatasket]

Quote:

Originally Posted by Ididitmyway

It depends on the state's laws.

...only about practitioners who are in private practices and aren't covered as HIPPA entities, as I was only dealing with those.

HIPAA states that it supersedes state laws unless, e.g., state laws are more stringent, or the DHHS secretary determines that there is a compelling need to have the state law take precedence.

Every private practitioner I have seen has in their paperwork or as a sign in their office that they are HIPAA-compliant. And if HIPAA doesn't apply to private practitioners (I too have only seen those), then DHHS would not have had the jurisdiction to discipline Smaug, who was in private practice.

I think there probably are differences between clinics and hospitals and individual practitioners under the law, but I don't think any professionals are completely exempt.

[Ididitmyway]

Quote:

Originally Posted by atisketatasket

HIPAA states that it supersedes state laws unless, e.g., state laws are more stringent, or the DHHS secretary determines that there is a compelling need to have the state law take precedence.

Every private practitioner I have seen has in their paperwork or as a sign in their office that they are HIPAA-compliant. And if HIPAA doesn't apply to private practitioners (I too have only seen those), then DHHS would not have had the jurisdiction to discipline Smaug, who was in private practice.

I think there probably are differences between clinics and hospitals and individual practitioners under the law, but I don't think any professionals are completely exempt.

Many practitioners and organizations are NOT HIPAA covered entities. HIPAA concerns only those providers who transmit information electronically. I just had CE course on HIPAA, so I'd like to think I understand it correctly.

Take a look

https://privacyruleandresearch.nih.gov/pr_06.asp

"Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards. Generally, these transactions concern billing and payment for services or insurance coverage. For example, hospitals, academic medical centers, physicians, and other health care providers who electronically transmit claims transaction information directly or through an intermediary to a health plan are covered entities. Covered entities can be institutions, organizations, or persons."

[atisketatasket]

Now I'm very intrigued. Smaug did everything, and I mean everything, by hand. She did not take insurance. She mailed my health records to the one provider who got them. The only electronic thing she seemed capable of was swiping a credit card. Is that enough to cover her? And if it isn't why is there a HIPAA notice in my initial paperwork for her?

[Ididitmyway]

Quote:

Originally Posted by atisketatasket

Now I'm very intrigued. Smaug did everything, and I mean everything, by hand. She did not take insurance. She mailed my health records to the one provider who got them. The only electronic thing she seemed capable of was swiping a credit card. Is that enough to cover her? And if it isn't why is there a HIPAA notice in my initial paperwork for her?

Processing payment through credit card may be enough to be required to comply with HIPAA, actually. I would think so. I don't know from experience as I haven't yet done payment processing electronically, but I think that would make a provider a HIPAA covered entity.

[Ididitmyway]

By the way, as far as federal vs. state laws issues, in some cases the federal law supersedes the state law in theory but not in reality. Marijuana is still illegal on a federal level but in reality no one will pursue criminal charges in our state since it's legal here. Except may be if some federal agents would want to get you in trouble for this but this is highly improbable.

[atisketatasket]

Quote:

Originally Posted by Ididitmyway

Processing payment through credit card may be enough to be required to comply with HIPAA, actually. I would think so. I don't know from experience as I haven't yet done payment processing electronically, but I think that would make a provider a HIPAA covered entity.

So if one is a total Luddite - payment by check or cash, no insurance, communicates only by phone or in person, no email/text/fax - one is exempt from HIPAA? Is that even possible in this day and age outside certain small cultural groups?

[Ididitmyway]

Quote:

Originally Posted by atisketatasket

So if one is a total Luddite - payment by check or cash, no insurance, communicates only by phone or in person, no email/text/fax - one is exempt from HIPAA? Is that even possible in this day and age outside certain small cultural groups?

Email and text communications with clients are not health related transactions. When HIPAA talks of electronic transactions they don't mean emails in which clients confess their love for a therapist and a therapist responds by saying they have to discuss it in session. They mean communications between insurances and providers, between providers, hospitals and other entities that transmit information about diagnosis, sessions dates, treatment methods, payments and anything that has "medical" value that can be categorized and calculated by the system.

[atisketatasket]

Quote:

Originally Posted by Ididitmyway

Email and text communications with clients are not health related transactions. When HIPAA talks of electronic transactions they don't mean emails in which clients confess their love for a therapist and a therapist responds by saying they have to discuss it in session. They mean communications between insurances and providers, between providers, hospitals and other entities that transmit information about diagnosis, sessions dates, treatment methods, payments and anything that has "medical" value that can be categorized and calculated by the system.

I did mean email between providers. I know, for instance, two of my therapists consulted via email. Whether they also proclaimed their love for each other I don't know.

[Ididitmyway]

Take a look at this

https://www.cms.gov/Regulations-and-...redEntity.html

and this

https://www.cms.gov/Regulations-and-...sOverview.html

and this one talks about how it's not simple at all to define who is and isn't HIPAA covered

https://personcenteredtech.com/2013/...f-i-am-or-not/

All in all, not all e-communications are HIPAA covered transactions so just because therapist uses electronic means of communication to communicate with clients doesn't mean he is a HIPAA covered entity. Under those definitions, even those who practice online therapy may not be HIPAA covered though they have an obligation to use the technology that provides maximum security.

[Ididitmyway]

Quote:

Originally Posted by atisketatasket

I did mean email between providers. I know, for instance, two of my therapists consulted via email. Whether they also proclaimed their love for each other I don't know.

Right. I don't think their communications would be considered HIPAA transactions. See my previous post.

[Ididitmyway]

I remember long time ago, one of the instructors in my training told us not to worry about HIPAA if we are in private practice and don't bill insurances. By the way, a counseling center that doesn't bill insurances and doesn't send e-transactions anywhere is the same thing as a solo-practice, also not HIPAA compliant. Every counseling center I've dealt with was not a HIPAA covered entity.

Quote:

Originally Posted by ShashaCruz

why would you want these notes self assessment?

I explained some in posts #4 and 7. My primary interest is to see his record/note keeping system (if I can) with dates because he has been so disorganized and then defensive and blaming me for his messiness with administrative things. I would even just be interested in seeing his reaction to my request. Secondary interest would be seeing what he writes about me, even though from what I understand from posts here, those notes are rarely very rich and meaningful. He has a tendency to quickly jump to superficial and stereotypical conclusions in our interactions, especially when challenged, so I would be interested in what sorts of observations he makes for himself.

Thanks Ididitmyself and ATAT for the informative posts and questions. This whole thing does seem quite complex and complicated, as I suspected when I first got the idea and read a bit about the regulations. It is a good idea to talk with the licensing board of my state if they discuss these kinds of questions on the phone, I'll do that.

The connection between e-communication and HIPAA is interesting, I know about it more from my own profession (handling sensitive research data and associated responsibilities). So if the provider does not bill insurance directly but provides electronic invoices that clients use for reimbursement claims (out-of-network benefits), does that count as that sort of e-communication? This T I am talking about here has been notorious about not dealing with insurance claims electronically, he always prints out the forms and puts his info in manually and I pick them up in his office and then scan and submit electronically. But those are the forms that are filled out in all sorts of wrong ways very frequently.

The other T I worked with sends e-invoices but requests cash payments in the office, even though on his websites he says he accepts credit card and check.

I have no idea if any of them do these things to avoid regulations and reporting. Also, none of them had any paperwork for me to look at or sign when we started. I don't want or plan to cause trouble to any of them because there have been benefits from the therapy and there hasn't been any harm apart from the annoyances and manipulative acts each of them does in their own way at times. But I'm just not the kind of person who tolerates messing with my perception, twisting my words, and taking blame for repetitive sloppiness that is not coming from me. I mostly just want to make this very clear to the T privately and then likely not see him further.

[Ididitmyway]

I don't think if the provider sends the patient invoices electronically but doesn't bill insurance directly that those communications are HIPAA covered. I think, the whole idea of HIPAA was to specifically accommodate the system of insurance claims and bigger entities. If the therapist is not on any insurance panels and doesn't do the billing for clients he is not a part of HIPAA unless he is a part of some research or other project that requires the transmission of information inside the organization that does it or between organizations. Online therapy may be still covered by HIPAA even when insurance is not involved but I am not sure at this point. I need to find out.

In your case, it sounds like you don't feel your therapist is trustworthy and that's the reason you want to see your records. In my experience, looking at the records doesn't help to restore trust because what the therapist put in the notes is not as important as their attitude towards resolving conflicts. If the therapist has set his mind on not being transparent, your looking at the records won't change it.