There is a concept in HIPAA world called an "organized health care arrangement" or OHCA. The classic one is the community hospital and the doctors on its voluntary medical staff. The doctors aren't employees and but for the OHCA concept they would each have to carry a pad of privacy notices around with them and hand one to each patient as they saw them. Instead, by declaring themselves to be an OHCA (and that's about all the formality that is necessary) they can remain legally separate but share a notice of privacy practices. They can also share information (as all providers can) for the purpose of treating patients without getting authorizations executed.
Can't say if this would fit your situation without knowing more, but the concept exists. You can learn more at the website linked below.
This response is intended to provide general information, but not legal advice. The response may be different if... more
This response is intended to provide general information, but not legal advice. The response may be different if there are other or different facts than those included in the original question. See MKnutsonLaw.com for more information on why this communication is not privileged or create an attorney-client relationship.
Every legal entity is a separate entity regardless of its location. HIPAA privacy rules may require a full authorization for release of information to each care provider depending on the circumstances. Glancing over the rules and regulations for HIPAA fines and penalties, taking the chance of running afoul of the rules does not seem worth the risk.