A couple of weeks ago my friend fell off his bike and smacked his head. He got a small brain bleed and had to spend the night in ICU. Like most healthcare visits there were some hiccups – they didn’t contact me until 5 minutes after visiting hours ended, there weren’t drug orders (I swear he saw death coming for him while we waited for a script), and, of course, the doctors rounded at 6AM and we had to wait nine hours to find out his status and disposition (home!).

But what really bugged me? The medical record release process.

To ensure continuity of care we need his records from the hospital for a neuro followup on Friday. I figured it’d be pretty standard -- just have the specialist’s office call and fax over a request. I wanted to make sure his records made it so I double-checked the process this morning. They told me they wouldn’t release the records without an original signature. No faxes allowed. We could mail it in or come in person.

Ok, fine. Instead of making him get in a car (makes him sick) or do a lot of running all over town, I had him send me his power of attorney. See, there's loophole in their “original” signature thing – as his power of attorney, I can make his decisions (or, in this case, get some copies made) with my original signature. No problem-  I sent him a standard health POA, he signed it, got it witnessed, sent it back, and I went to the hospital in person to get some records. The interaction went something like this:

Records Clerk #1: Can I help you?

Me: I need some medical records sent from here to Kaiser.

RC #1: Are you the patient?

Me: No, but I’m his power of attorney. Here’s the paperwork.

**RC#1 peruses the paperwork**

RC #1: Let me check with someone else.

**RC#1 talks to RC#2**

Records Clerk #2: Where’d you get these signatures?

Me: I had him sign it and send it to me.

RC #2: This isn’t his signature.

Me: Yes it is.

RC #2: It doesn’t match the one we have on file.

Me: His brain was bleeding when you got that. This is his real signature.

RC#2: Who are you?

Me: His friend.

RC #2: Just a friend? And he gave you Power of Attorney?

Me: Yes.

RC#2: You printed this off the internet. This isn’t a Power of Attorney.

Me: He’s an attorney and I have a master’s in health administration. This is what we do. It's legal.”

RC#2: Let me check with my supervisor.

Me: Ok.

Supervisor: Who are you?

Me: His Power of Attorney.

Supervisor: No, who are you?

Me: His friend… **looks at me like I’m crazy**… I’m his person.

Supervisor: His significant other?

Me: Sure.

Supervisor: Ok. **looks at the POA** This isn’t notarized.

Me: If you have two witness signatures, you don’t have to get it notarized.

Supervisor:  …I just don’t know enough about this and my Supervisor isn’t in. Why don’t you have them fax us to fax them?

Me: That’s what we tried to do this morning. Your office said I had to come in person!

Supervisor: Well, here’s our fax number… we’re just really careful.

After that I called Kaiser. Got the right form. Filled it out with the wording to make sure the records get sent from provider to provider. Sent it to him, had him sign it and fax it in. A fifteen minute process that, because of the runaround, took three hours. Still waiting on them to confirm receipt. Despite this hospital being on track to achieve Meaningful Use, they said it may take 7-30 days to get his records. Fingers crossed, that CAT scan makes it to neurology on Friday…

When there are too many hoops to jump through - like needing to provide a original signature - inefficiencies abound. When people are uninformed - like insinuating "just a friend" isn't the legitimate POA- there's a real liability issue. Look, I want medical records to be private and secure. I understand that there are real consequences for data breaches and HIPAA violations. I get that creating information from data can be difficult and health literacy is a real concern. But there are ways to mitigate these issues. HIPAA fears should never be an excuse for disrupting the continuum of care.