Skip to Content

M.S.A. §144.293

Link to the law
This will open in a new window

Release or Disclosure of Health Records

A provider may not release a patient’s health records to another person without a signed, dated consent form from the patient or patient’s legal representative, a specific authorization in law, or a representation from a provider that he has a signed consent from the patient.

A patient’s medical record can be given to another provider at the written request of a patient.  The written request should contain the name of the requesting provider.  The provider may retain a summary of the record after it is transferred.  The patient is responsible for the costs associated with providing the copy. 

Patient consent is valid for one year or as specified in the release form or as provided by law.  Providers may disclose or release information contained in medical records for a medical emergency where the provider cannot obtain consent, to other providers when necessary for current treatment, if a patient is returning to a health care facility and is unable to consent, or if the patient resides in a health care facility.  If a patient gives explicit consent to release his or her medical records, the consent does not expire within one year.  There is no expiration of consent for a provider who is a consultant for a patient’s primary provider, for the release of information to an insurer or health maintenance organization, for information that is not individually identifiable, and the recipient of the medical record has safeguards in place to prevent further disclosure of the information.

A provider or group purchaser can release patient information to a record locator service unless the patient has chosen to be excluded.  The record locator service does not share information with the Minnesota Department of Health.  Only a provider has access to patient identifying information from a record locator service through patient consent, unless there is an emergency medical situation. 

A health information exchange that has a record locator service must have an audit trail of the providers accessing the information, including the provider’s name, identity of the patient whose information was accessed, and the date of access.  A group purchaser cannot require a provider to participate in a record locator service as a condition of participation.  All providers must have a way of allowing a patient to exclude his or her identifying information from the record locator service.

Related Laws:  M.S.A. §144.298

Current as of June 2015