This page addresses follow-up questions and additional information pertinent to our webinar
Navigating Complex Uses and Disclosures in Today’s ROI Landscape Part 2: Minor Records.
** The coding information and guidance are valid at the time of publishing. Learners are encouraged to research
subsequent official guidance in the areas associated with the topic as they can change rapidly.

Q:  Can a parent ever be denied access to their child’s medical records?

A:  Yes – there are several situations where a parent can legally be denied access to their child’s health records. While parents generally have the right to access their child’s medical information, both HIPAA and state laws carve out some important exceptions.

One big exception comes up when a minor is legally allowed to consent to their own care – and many states allow this in situations like reproductive health services, mental health counseling, substance use treatment, and testing and treatment for sexually transmitted infections. In those cases, the minor—not the parent—controls access to those specific records. If a parent asks for records in these circumstances, the minor’s permission is required to grant the access.

Another situation where access can be denied is if releasing the information to a parent could put the child at risk. For example, if there’s suspected abuse or domestic violence, HIPAA allows the provider to protect the child’s privacy and refuse the request.

A court order or custody agreement can also limit or define exactly what a parent is allowed to access. If a judge has ruled that one parent should not have access to certain health information, the provider must follow that legal directive – even if the parent insists otherwise.

In short, while parents often do have access, it’s not automatic or unlimited. ROI and compliance teams must carefully review the type of care, the patient’s age and legal rights, and any court documentations before releasing minor’s records. It’s all about balancing parental involvement with legal privacy protections and the best interests of the minor.

Q:  When can a minor control their own health records?

A:  HIPAA generally considers a parent or legal guardian as the personal representative of a minor, and as such grants them access to the child’s protected health information (PHI). However, this right to access is often limited by state law – especially in situations where the minor can consent to their own care.

A minor may have control over their health information if:

• They have the legal right to consent to care on their own under state law.
• The minor is emancipated.
• The minor receives confidential services (i.e., sexually transmitted infection testing, pregnancy-related care) and state law doesn’t require parental involvement.

These exceptions vary widely by state, so understanding applicable state laws is critical in disclosure decision-making.

Q:  What happens when a minor turns 18 while still receiving treatment – who controls the records then?

A:  Once a minor reaches the age of majority, they’re considered an adult and as such, control access to their own health records – even if the parent is still paying for care. The parent would then need written authorization from the now-adult child to access or request records. And remember, the age of majority is 18 in most states, but not all. Alabama and Nebraska define the age of majority as 19, and in Mississippi, it is 21.

Looking for additional information on this topic?