Schedule “E” of the College Bylaws – the Standard for Patient Records – sets out the rules about record-keeping for RMTs.
The following principles underlie the Standard for Patient Records:
The Standard for Patient Records specifies the information that each health care record must contain. The level of detail required for each chart entry will depend on the circumstances, but certain baseline information must be kept in all patient records.
Health care records must be accurate, current, and complete.
The Personal Information Protection Act (PIPA) applies to RMTs in private practice in BC. It sets out the general rules that apply to the protection of patients’ personal information, and the obligations of registrants to maintain patient confidentiality and privacy. The Office of the Information and Privacy Commissioner has published a guide to PIPA (PDF) as well as a number of other guidance documents.
See the BC Government’s Protecting Personal Information page for useful information about PIPA.
RMTs may keep their records in either paper or electronic form.
Records may be stored in the cloud. If storing records in the cloud, RMTs must ensure that the cloud storage complies with privacy legislation. For more information, see the guidance document from the Office of the Information and Privacy Commissioner for BC: Cloud Computing for Small- and Medium-Sized Enterprises.
Records cannot be voice recorded.
RMTs must maintain patient records for 16 years from the date of the last treatment or the date of the patient’s 19th birthday.
Patient records may be transferred to another RMT or licensed health care provider before the retention period has expired, if the patient consents to the transfer. In such cases, RMTs should consult the CMTBC Bylaws to ensure that they comply with all transfer requirements.
An RMT may keep shared records with other RMTs or licenced health care providers in a shared or multi-disciplinary practice, provided that appropriate patient consent is obtained, as required under PIPA.
In such cases, each RMT should ensure that his or her record entries are kept on a separate page from the records of other RMTs or licensed health care providers. This ensures that, if the RMT leaves the practice or place of business, the record may be removed.
When an RMT leaves a shared or multi-disciplinary practice, it can result in a dispute over who owns the records. RMTs have a professional obligation to take patient records with them and retain them for 16 years, unless the records are transferred to another RMT or licensed health care provider in accordance with CMTBC’s Bylaws.
Patients have a right by law to access a copy of their complete patient record. An RMT may charge a reasonable fee for expenses associated with preparing and copying records, as long as the patient is advised of the charges in advance.
RMTs do not need to obtain patient consent to provide copies of patient records to the College, or to inspectors appointed by the CMTBC’s Inquiry Committee.
Inspectors appointed by the Inquiry Committee are permitted by the Health Professions Act to inspect and copy the records of an RMT relating to the RMT’s practice of massage therapy.
Confidentiality of patients’ personal information is protected by section 53 of the Health Professions Act, which poses a duty on CMTBC and representatives of the College to preserve confidentiality.
From time to time, a private insurance company that provides patient benefits (i.e., an insurer) may contact you to request personal information about a patient, such as a patient record or a list of treatment dates. What should you do in this situation?
Generally, the Personal Information Protection Act (PIPA) only allows RMTs to disclose patients’ personal information with patient consent. However, in limited and specified circumstances, patient information can be disclosed without consent; see the Guide to BC’s PIPA published by the Office of the Information and Privacy Commissioner for BC. It is an RMT’s responsibility to confirm whether information may be disclosed to an insurer or another organization without consent, based on one of the exceptions contained in PIPA.
Generally, when an RMT receives a request from an insurer for a patient’s personal information under PIPA, the RMT should first determine whether there is a specific exception contained in PIPA that permits the release of information without consent. If no exceptions under PIPA permit the release of information without consent, then patient consent (as defined under PIPA) would be required before the RMT discloses the information.
In some cases, insurers may seek a patient’s personal information from an RMT specifically for the purposes of investigating suspected fraudulent claims or activity. In such cases, insurers may not have consent from the patient(s) authorizing you to make the requested disclosure. In this situation, an exception contained in section 18(1)(c) of PIPA provides discretion to disclose personal information in the following circumstances (emphasis added):
“An organization may only disclose personal information about an individual without the consent of the individual, if … it is reasonable to expect that the disclosure with the consent of the individual would compromise an investigation or proceeding and the disclosure is reasonable for purposes related to an investigation or a proceeding”.
Under section 1 of PIPA, an “investigation” is defined as:
“an investigation related to
(a) a breach of an agreement,
(b) a contravention of an enactment of Canada or a province …
(d) the prevention of fraud …
if it is reasonable to believe that the breach, contravention, … fraud … may occur or may have occurred”
In this situation, an RMT has responsibilities to the patient, the public, and the profession under the College’s Code of Ethics. The RMT should apply his or her professional judgement using the Code of Ethic’s ethical principles to guide the decision (including the duties to society and duties to the profession). Every request must be considered on a case-by-case basis having regard to all the relevant circumstances. The bottom line is that the applicable privacy legislation does permit disclosure of the personal information, without patient consent, where it is reasonable to expect that obtaining consent could compromise an investigation, and the records being requested pertain to the investigation.
If you are struggling with a request from an insurer, you can seek more information from the insurer and/or contact the Office of the Information and Privacy Commissioner for BC to seek guidance on disclosure under PIPA.