Does FMCSA’s medical card verification program violate HIPAA?

| November 23, 2012

Short answer: probably not.

When we shared news of Federal Motor Carrier’s notice to medical examiners and drivers that, during roadside inspections and other carrier investigations, FMCSA would be conducting random verification by phone of medical certifications in an attempt to validate that the DOT exams actually took place, reaction from drivers and other readers was immediate. Most salient among the points of view was the question of whether such requests for information would be in violation of the medical information privacy rules in HIPAA, or the Health Insurance Portability and Accountability Act of 1996.

A commenter identifying himself only as Jeff noted that he holds “a medical license in the state of Pennsylvania” and also drives. “If I would receive a phone call from someone stating that they are an officer,” he said, “I could not legally release any patient information to them because I can not verify who they are or for what reason(s) they are calling. Your medical records in any state are confidential and that is why it is called ‘doctor-patient confidentiality.'”

He then went on, “Also, the offices and doctors that are performing the physicals are not going to take the time to dig through the millions of records that they have in their offices to find one driver’s records.”

FMCSA’s notice of the policy change requested medical examiners’ cooperation on the issue in the first order, however, so they’re at least banking on doctors entertaining the calls and in fact digging through those records. Queried as to the policy, an FMCSA official reiterated that the “policy sets goals for FMCSA and State enforcement personnel to validate [Medical Examiner’s Certifications, or MECs] when possible and document their authentication of the MEC, during new entrant safety audits, roadside inspections, compliance reviews, and investigations, in order to mitigate the risk of a driver or carrier presenting a fraudulent or invalid MEC and to ensure consistency with the records of the Medical Examiner.”

Also, he went on to insist that verifying the medical card would not be in violation of HIPAA: “The Agency is not requesting any medically confidential information, which may be covered” by HIPAA, suggesting enforcement personnel would only be looking for confirmation of the examination from the examiner listed on the card, which information officers are of course privy to in the course of inspection.

No response was given to the question of whether tying up the driver at the roadside to confirm the info on the medical card was an appropriate use of agency time, however.

“The company the driver is working for or the owner-operator is leased to is (whoever has the DOT number on the door) responsible for this verification,” wrote a commenter posting as “dotdoctor.” “Why not hold the company accountable for doing its job instead of tying up drivers on the road and running them tighter against their 14-hour window?”

In the end, physical requirements are in place for a reason, noted independent owner-operator Mike “Mustang” Crawford in his commentary below the original post: “In the mid-60s I had to have physicals to play sports in High School. November 1965 I had to have a physical when I joined the Marine Corps and had to maintain a certain physical ability during my tour of duty. When I was a police officer and a firefighter I had to pass and maintain a required physical status and when I started driving in the 70s I had to pass a physical to get my DOT medical card and have had to get one every two years since then. What’s the big deal? I have to renew my CDL every few years and get a new Medical Card every two years (I keep them both in the same slot in my wallet), and have never had a problem when DOT or police or any one required to see my card. When and if I cannot pass my physical I will not whine and complain that others should pay me a Social Security disability … I will just figure another line of work and do it to the best of my ability.”

  • http://www.facebook.com/william.mckelvie William McKelvie

    The company the driver is working for or the owner-operator is leased to is (whoever has the DOT number on the door) responsible for this verification,” wrote a commenter posting as “dotdoctor.” “Why not hold the company accountable for doing its job instead of tying up drivers on the road and running them tighter against their 14-hour window?”

  • mousekiller

    I can understand inquiring into a driver medical qualifications if involved in a serious accident. But just indiscriminately search and demand medical information is not needed nor necessary to allow them to invade our privacy. During an inspection I have no problem showing my medical card nor my CDL and even my Twic card. The long form medical is certainly not the road side inspectors business. This just another part of the total control the government wants to have over all Americans and no place like the most controllable part like surface transportation. Drivers need to just all go on vacation at one time to put and end to this BS. I think 2 weeks would get the message across.

  • Marty Marsh

    Mustang, how many times did you have your phisical checked in those other fields to see if it was legit?

  • Marty Marsh

    You are guilty until proven innocent.

  • Rancher

    Today I spoke to my Doctor’s office staff and told them of the FMCSA intent to verify medical cards. They informed me that they would not confirm anything as it is a HIPPA violation. They said that they would require me to fax a release of records request to them with the name of the individual and their DOB and only then would they release any information. So any attempt by FMCSA to obtain information to verify my medical card would be in direct violation of HIPPA regulations.

OverdriveOnline.com strives to maintain an open forum for reader opinions. Click here to read our comment policy.