The ability of one medical facility to release info to another for your treatment and health is a standard release in medical forms patients fill out, so you may have authorized this, but don't remember. In any event, even if it is a HIPAA violation, there is no private right of action under HIPAA. You can file a complaint with the US Dept of Health and Human Services as well as the State Medical Board of California if you think the doctor or his staff violated HIPAA, and they can investigate and take action against them if warranted, but you can not sue under HIPAA.
We do not have an attorney-client relationship. I am not your lawyer. The statements I have made do not constitute legal advice. Any statements I have made are based upon the very limited facts you have presented, and under the premise that you will consult with a local attorney. This is not an attempt to solicit business. This disclaimer is in addition to any disclaimers that this website has made. I am only licensed in California.
In the book of forms that has to be signed at admission, there is normally a general medical records release. There are also emergency exceptions that do not require a release. If you did not sign a release and there was not a qualifying emergency, there may have been a violation of your rights under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). You can pursue this through a complaint to the administrator of the mental health facility, the administrator of the hospital, and/or the federal Office of Civil Rights. The Department of Health and Human Services website includes information on how to do this: http://www.hhs.gov/ocr/privacy/hipaa/complaints/index.html.
Jennings Law Offices LLC and Attorney Jonathan P. Jennings are providing the above response as a matter of public information. No individual legal assessment or legal advice is intended.
Under HIPAA, as the other attorney's have stated, it was probably permissible for the emergency department to share information with the other health care provider for the purpose of treatment without your authorization.
The Notice of Privacy Practices (NOPP) that you should have been offered by the hospital will elaborate on what protected health information the hospital can and can't disclose without your authorization. You many have even signed a consent for the use and disclosure of your PHI upon registration.
However, Ohio may have consent for use/disclosure laws that are more strict than HIPAA.
You may want to consider contacting the hospital's privacy officer and share your concerns.
The information provided is for general purposes only and does not establish an attorney/client relationship.