Q&A: Changing a doctor's appointment for a patient

Q. Can a third party such as a nursing home cancel or change a doctor’s appointment? Can a third party such as a nursing home cancel or change a doctor’s appointment without informing the patient? Are any of these HIPAA violations?

A. From a strictly regulatory perspective, the third party cannot cancel a patient’s medical appointment unless the third party is the personal representative of the patient or is the legal guardian of the patient. However, that wouldn’t be a compliance issue for the third party. That would rest with the healthcare provider who cancelled the appointment. If a long-term care facility, such as a skilled nursing facility (SNF), is a covered entity (CE), the CE may have valid reasons to cancel an appointment, coordinate care of the patient, and so forth. If the long- term care facility is not a CE, such as an assisted living facility, the facility is not a CE; therefore, HIPAA would not apply.

From a practical perspective, there are many instances where it would be appropriate for a third party, such as a long-term care provider, to cancel a medical appointment on the patient’s behalf. For example, if a patient is not feeling well, a certified nurse’s aide may inform the nurse of the patient’s condition and ask if the nurse can cancel or reschedule the patient’s appointment. In a non-long-term care setting, it’s not uncommon for a third party such as a spouse or significant other to call and cancel an appointment on behalf of a patient because, in many cases, the third party has been asked by the patient to call. If the appointment is not cancelled, the patient may be charged a missed appointment fee. Therefore, from a practical perspective, it would not be viewed as a violation of a patient’s privacy or result in an action that would in and of itself violate HIPAA if a CE cancels a patient’s appointment based on a call from a third party.

Editor's note: This question was answered by Chris Apgar, CISSP. Apgar is president of Apgar & Associates, LLC, in Portland, Oregon.This information does not constitute legal advice. Consult legal counsel for answers to specific privacy and security questions. Opinions expressed are that of the author and do not represent HCPro or ACDIS. Email your HIPAA questions to Editor Nicole Votta at nvotta@hcpro.com.