Privacy and Confidentiality in Massachusetts
In order to protect the privacy of patients, Massachusetts law specifically states that the medical records of a patient in any health care facility or under a physician be kept confidential.1 The law also requires that the information of Medicaid and Medicare recipients must be kept confidential unless disclosure is directly connected to the administration of the program.2
Required reporting of medical data that identifies a patient may not be disclosed, except if the information is being used to prevent the spread of disease, for research purposes and/or the patient has given written consent to its use.3 The Commissioner of Public Health can disclose medical information for research purposes, but must keep the data confidential.4 All information submitted to disease specific registries must remain confidential and de-identified.5
Insurance companies also take steps to ensure the confidentiality of an individual’s information. For example, an individual must sign a release before the insurer can release any medical or treatment information for insurance determinations.6