A community of 30,000 US Transcriptionist serving Medical Transcription Industry
Yes. The Privacy Rules allow hospitals to disclose patients' names and other directory information to anyone asking for the patient by name or to the clergy. Patients do not need to sign up to be included in the directory, but must be allowed to "opt out" and choose not to be listed.
Yes. The Privacy Rules limit the types of disclosures that are acceptable, but do not limit the ability of a physician to make a disclosure to any particular type of recipient, including a non-U.S. recipient.
A physician must enter into a Business Associate Agreement with its transcription company, regardless of where the company is located, so that safeguards to protect privacy are in place at the transcription service. The Privacy Rules require physicians to use appropriate safeguards when storing or transmitting information (within or outside of the U.S.), and the physician is responsible for ensuring that a subcontractor (such as a transcription service), wherever located, uses appropriate safeguards too.
Depending on where the physician is sending the patient information, local laws may also apply and the physician should consider consulting with legal counsel there as well