Yes, this method is called de-identifying. De-identified patient data is health information from a medical record that has been blacked out and all of the information that can identify a patient is hidden from a third party. Under the HIPPA laws, there are certain rules that allow blacked-out or "de-identified" health information to be disclosed to a 3rd party and used without restriction. In this process, specified identifiers or information that can identify a person are removed, such as the patient’s birth date, household members, employers, etc.
In 2002, the Privacy Rule was added to the Health Insurance Portability and Accountability Act (HIPAA) of 1996. This rule established, for the first time, national standards to protect the privacy of personal health information. This rule works in cooperation with state law, such that, where conflicting, the more stringent provision will rule.
The Rule allows blacked-out, redacted, or "de-identified" health information to be disclosed and used without restriction. In this process, specified identifiers are removed, such as the patient’s birth date, household members, employers, etc. De-identified health information does not identify or provide a reasonable basis to identify a patient.
Most cases have allowed the use of medical records with names blacked out. However, a recent court decision did not allow the disclosure of medical information of 45 women who had late-term abortions, even if their names were blacked out. The court stated that it would still be an invasion of privacy, because it would be emotionally difficult on the women to know that their records were being accessed.
Another factor coming from the case is that an attorney needs to have a good reason to get the medical records.
The Privacy Rule under HIPPA applies to all health plans, healthcare provider homes, and to any health care provider that transmits heath information in an electronic form. Individual and group plans that provide or pay the cost of medical care are covered entities as well.
HIPPA laws and regulations regarding to medical claims can be very complex. Medical cases can be expensive to pursue because they concern an extensive amount of research. Violating a patient’s privacy rights under HIPAA can carry heavy criminal charges and civil damages. The benefit of an attorney would be invaluable, and you should speak to a personal injury lawyer to learn more about your case and the recovery that may be available to you.