Skip to Content

Privacy and Confidentiality in Massachusetts

In order to protect the privacy of patients, Massachusetts law specifically states that the medical records of a patient in any health care facility or under a physician be kept confidential.1 The law also requires that the information of Medicaid and Medicare recipients must be kept confidential unless disclosure is directly connected to the administration of the program.2

Required reporting of medical data that identifies a patient may not be disclosed, except if the information is being used to prevent the spread of disease, for research purposes and/or the patient has given written consent to its use.3 The Commissioner of Public Health can disclose medical information for research purposes, but must keep the data confidential.4  All information submitted to disease specific registries must remain confidential and de-identified.5

Insurance companies also take steps to ensure the confidentiality of an individual’s information.  For example, an individual must sign a release before the insurer can release any medical or treatment information for insurance determinations.6

Footnotes

  • 1. M.G.L.A. 111 §70E
  • 2. M.G.L.A. 118E §49
  • 3. 105 MA ADC 300.120
  • 4. M.G.L.A. 111 §24A
  • 5. 105 MA ADC 302.070; 105 MA ADC 301.040; M.G.L.A. 111 §111B
  • 6. 105 MA ADC 128.313

 

Privacy and Confidentiality in Massachusetts

Subtopic Statute/Regulation Description
Confidentiality of substance abuse records 104 CMR 27.18, SUD Treatment Facility
105 Mass. Code Regs. 164.084 - Confidentiality Substance abuse treatment information may be disclosed without the consent of the patient if the disclosure would be permitted by 42 CFR Part 2.
M.G.L.A. 111B § 11, Treatment Record; Patients rights
Privacy and Confidentiality 104. Code of Mass. Regs. 27.17. - Records and Records Privacy Mental health facilities must maintain the confidentiality of their patient records.   Disclosure With Consent: A patient or a patient’s...
958. Mass. Code Regs. 3.313. - Confidentiality An insured individual must sign a release before an insurance carrier can release medical or treatment information or other information as part of an...
Mass. Gen. Laws. Ann. ch. 111, § 110B - Reyes syndrome treatment or examination; reports A physician, physician assistant, a nurse or other person who examines or treats a child with Reyes syndrome must report the examination or treatment...
Mass. Gen. Laws. Ann. ch. 111, § 111B - Malignant disease and benign brain-related tumor registry; reports The Department of Public Health must establish a registry to record cases of malignant disease and benign brain related tumors to conduct...
Mass. Gen. Laws. Ann. ch. 111, § 191 - Reports of lead poisoning; notifications to agencies; records A physician, nurse, hospital, health center, or other diagnosing agency must report each case of lead poisoning (not previously reported) to the...
Mass. Gen. Laws. Ann. ch. 111, § 202 - Fetal deaths; reports; confidentiality; disposition of remains; violations; forms When a fetal death (defined as death occurring prior to extraction from mother, and does not breathe or show any evidence of life; it does not...
Mass. Gen. Laws. Ann. ch. 111, § 24A - Reduction of morbidity and mortality; establishment of program; information and reports The Commissioner of Public Health can authorize the use of medical information for research purposes to reduce morbidity and mortality within the...
Mass. Gen. Laws. Ann. ch. 111, § 24B - Birth information; statistical purposes Upon the birth of a child, the physician or nurse or person responsible for the birth must forward the relevant information to the Commissioner of...
Mass. Gen. Laws. Ann. ch. 111, § 51D - Discrimination by acute hospitals against Medicare beneficiaries; Discharge planning An acute hospital cannot establish discriminatory practices in relation to admission, availability of services or treatment or transfer for any...
Mass. Gen. Laws. Ann. ch. 111, § 70E - Patients' and residents' rights All of the rights below apply to all patients in all facilities.  This section applies to all health care facilities, which include, hospitals,...
Mass. Gen. Laws. Ann. ch. 111E, § 18 - Record of treatment; rights of patients All substance abuse treatment records are confidential. Disclosure of substance abuse treatment information is permitted with the informed consent of...
Mass. Gen. Laws. Ann. ch. 175I, § 13 - Personal or privileged information from insurance transactions; disclosure An insurance company may not disclose any personal or privileged information received in the course of business unless the individual has provided a...
Mass. Gen. Laws. Ann. ch. 175I, § 8 - Recorded personal information; medical record information; disclosure; fees An insurance company must make any personal information collected about an individual available to the individual to whom it refers.  An...
Patient’s right to confidentiality of medical records/medical information 104. Mass. Code Regs. 27.17. - Records and Records Privacy “Records and Records Privacy”   This law sets forth how facilities shall maintain a permanent individual record for each person...
105. Mass. Code Regs. 130.370. - Retention of Records A hospital must retain a patient’s records for at least 20 years from discharge or the patient’s last treatment.  The medical...
105. Mass. Code Regs. 140.302. - Patient Records Each health clinic must keep all patient records in a centralized location.  Each patient must have his or her own record with two forms of...
105. Mass. Code Regs. 145.550. - Removal of Medical Record “Removal of Medical Record”   No medical records shall be removed from the unit except as required by legal action. In the event...
105. Mass. Code Regs. 150.011. - Social Services “Social Services”   The law establishes that sufficient social services must be provided to meet all the social and emotional needs...
105. Mass. Code Regs. 150.013. - Clinical and Related Records “Clinical and Related Records”   All facilities must provide conveniently located and suitably equipped areas for the recording and...
105. Mass. Code Regs. 155.006. - Protection of Reporting Individuals and Other Parties “Protection of Reporting Individuals and Other Parties”   The identity of any mandatory or non-mandatory reporting individual who...
105. Mass. Code Regs. 155.009. - Availability of Reports; Disclosure of Information “Availability of Reports; Disclosure of Information”   Upon written request by any person, the Department shall provide the...
105. Mass. Code Regs. 170.345. - Records “Records”   Each service must prepare and maintain records that are subject to and available for inspection by the Department at any...
110. Mass. Code Regs. 11.22. - Confidentiality of Medical Records and Information “Confidentiality of Medical Records and Information”   Medical records of a child must not be distributed or released to any...
958. Mass. Code Regs. 3.416. - Confidentiality - External Review “Confidentiality - External Review”   In order to release medical and treatment information or other information obtained as part of...
Mass. Gen. Laws. Ann. ch. 111, § 67E - Children born with congenital anomaly, birth defect, birth injury or an intellectual disability; reports Within 30 days after diagnosis of a congenital abnormality, birth defect or birth injury that could lead to death or injury, the diagnosing physician...
Mass. Gen. Laws. Ann. ch. 111, §24M - Computerized immunization registry “Computerized immunization registry”   The Department must establish, maintain and operate a computerized immunization registry. The...
Mass. Gen. Laws. Ann. ch. 111, §72I - Filing of reports; confidentiality “Filing of reports; confidentiality”   The department must maintain a file of the written reports prepared pursuant to sections 72G...
Mass. Gen. Laws. Ann. ch. 112, §12S - Consent to abortion; form; persons less than eighteen years of age “Consent to abortion; form; persons less than eighteen years of age”   No physician may perform an abortion upon a pregnant woman...
Confidentiality and disclosure requirements of public health reporting information (disease specific information/registry data) (Cross reference to Public Health Reporting) 105 Mass. Code Regs. 130.1302. - Angioplasty Patient Outcome Monitoring Requirements All hospitals that provide angioplasties must provide patient specific surgery outcome data to the Data Analysis Center (a center contracted out by...
105. Mass. Code Regs. 130.1202. - Cardiac Surgery Patient Outcome Monitoring Requirements All hospitals that provide cardiac surgeries must provide patient specific surgery outcome data to the Data Analysis Center (a center contracted out...
105. Mass. Code Regs. 300.120. - Confidentiality All information, such as disease reports, interviews, or electronic records, that identifies the patient, that was used to report to or collected by...
105. Mass. Code Regs. 301.001. - Purpose “Purpose”   This section’s purpose is to facilitate the maintenance of the Cancer Registry established by the Massachusetts...
Mass. Gen. Laws. Ann. ch. 111, §119 - Records pertaining to venereal diseases “Records pertaining to venereal diseases”   Medical records pertaining to venereal diseases, are not public records, and the...
Mass. Gen. Laws. Ann. ch. 111, §24M - Computerized immunization registry “Computerized immunization registry”   The Department must establish, maintain and operate a computerized immunization registry. The...
Mass. Gen. Laws. Ann. ch. 111, §72I - Filing of reports; confidentiality “Filing of reports; confidentiality”   The department must maintain a file of the written reports prepared pursuant to sections 72G...
Authorization for disclosure and exceptions to authorization requirements 105. Mass. Code Regs. 145.555. - Release of Medical Record “Release of Medical Record”   Prior to release of any information from a medical record to any person not authorized by law to...
Disclosure requirements (what providers can disclose, prohibition on further disclosure) 105. Mass. Code Regs. 155.016. - Establishment and Content of the Registry for Nurse Aides, Home Health Aides and Homemakers “Establishment and Content of the Registry for Nurse Aides, Home Health Aides and Homemakers”   The Department must establish and...
Mass. Gen. Laws. Ann. ch. 112, §12 - Disclosure of information relative to venereal disease by registered physician “Disclosure of information relative to venereal disease by registered physician”   Any registered physician or surgeon who knows or...
Mass. Gen. Laws. Ann. ch. 112, §129A - Confidential communications “Confidential communications”   All communications between a licensed psychologist and the individuals with whom the psychologist...
Mass. Gen. Laws. Ann. ch. 112, §12G. - Disclosure of information by physicians and other medical providers “Disclosure of information by physicians and other medical providers”   Disclosureof information after obtaining patient’s...
Mass. Gen. Laws. Ann. ch. 118E, § 49 - Use and disclosure of information Use or disclosure of information from applicants and recipients of medical benefits under Medicare/Medicaid must be directly connected to the...
Disclosure of medical information for research purposes (Cross reference Research) 105. Mass. Code Regs. 301.040. - Confidentiality of Reports The Department of Public Health must maintain the confidentiality of the reports sent to the Cancer Registry.  The Department cannot release any...
105. Mass. Code Regs. 302.070. - Confidentiality Information to be reported for the Congenital Abnormalities Registry must be necessary to conduct epidemiological studies and develop treatment and...
105. Mass. Code Regs. 305.010. - Information Acquired for Administrative, Statistical or Research Purposes “Information Acquired for Administrative, Statistical or Research Purposes”   Confidential birth information contained in limited...
105. Mass. Code Regs. 305.050. - Permitted Disclosure of Confidential Birth Information Contained in Limited Data Sets “Permitted Disclosure of Confidential Birth Information Contained in Limited Data Sets”   The Department may disclose confidential...
105. Mass. Code Regs. 305.060. - Permitted Disclosure of De-identified Birth Information “Permitted Disclosure of De-identified Birth Information”   Authorizes the Department to release de-identified birth information to...
105. Mass. Code Regs. 305.065. - Permitted Disclosure of Aggregate Birth Information “Permitted Disclosure of Aggregate Birth Information”   AuthorizestheDepartment to disclose aggregate birth information for...
105. Mass. Code Regs. 305.070. - Application for Access to Confidential Birth Information for Research Purposes Confidential birth information may be used in the conduct of approved research including birth related medical and demographic data obtained pursuant...
105. Mass. Code Regs. 305.080. - Restrictions on Use and Disclosure of Confidential Birth Information for Research Purposes “Restrictions on Use and Disclosure of Confidential Birth Information for Research Purposes”   Imposes restrictions on the use and...
Mass. Gen. Laws. Ann. ch. 111, § 67E - Children born with congenital anomaly, birth defect, birth injury or an intellectual disability; reports Within 30 days after diagnosis of a congenital abnormality, birth defect or birth injury that could lead to death or injury, the diagnosing physician...
Confidentiality and disclosure requirements of peer review information (Cross reference to Medical Peer Review) Mass. Gen. Laws. Ann. ch. 111, §205 - Information and records necessary to comply with risk management and quality assurance programs “Information and records necessary to comply with risk management and quality assurance programs; confidentiality; definitions”  ...
Mass. Gen. Laws. Ann. ch. 111, §72I - Filing of reports; confidentiality “Filing of reports; confidentiality”   The department must maintain a file of the written reports prepared pursuant to sections 72G...
Mass. Gen. Laws. Ann. ch. 112, §5 - Investigation of complaints; remediation program; individual profiles; hearing; disciplinary action “Investigation of complaints; remediation program; individual profiles; hearing; disciplinary action; immunity; confidentiality; notice;...
Confidentiality of genetic information Mass. Gen. Laws. Ann. ch. 111, §70G - Genetic information and reports protected as private information; prior written consent for genetic testing “Genetic information and reports protected as private information; prior written consent for genetic testing”   This section...
Violations of confidentiality; penalties Mass. Gen. Laws. Ann. ch. 111, §72I - Filing of reports; confidentiality “Filing of reports; confidentiality”   The department must maintain a file of the written reports prepared pursuant to sections 72G...
Other Mass. Gen. Laws. Ann. ch. 111, §72I - Filing of reports; confidentiality “Filing of reports; confidentiality”   The department must maintain a file of the written reports prepared pursuant to sections 72G...