ConditionsYou may contact a patient or view her health information, according to the U.S. Department of Health and Human Services guide to HIPAA, under the following conditions: You need it to provide medical care, process billing, or make a legal report; you are an immediate family member; or the patient has given her written permission for you to view her protected health information.
LimitationsUnless you meet the HIPAA guidelines, you will be limited in how you may contact a patient or get information, even if you know the patient. For example, if you wish to pay your 18-year-old daughter's medical bill, the doctor's office will not tell you what she owes unless she has given written permission to share it with you.
RegulationsIf you need access to the patient's protected health information, HIPAA law requires you to have his permission, usually in writing. If possible, always arrange for a written document of legal representation beforehand, and bring your identification with you to the hospital or doctor.
As a practical matter, at most hospitals, if you know the patient's first and last names, and you can spell them correctly, staff will tell you his room number, but nothing else. However, if you contact the hospital operator and give her the room number, she will connect you to the patient's phone extension.