Pain Management Compliance in Tennessee

By Justin Joy, JD, CIPP
February, 2017

Physicians and advanced practice providers managing chronic pain should be aware of the changes to the Tennessee Chronic Pain Guidelines which are posted on the licensing board websites. For ease of identifying the changes, a copy of the guidelines is available on SVMIC’s website (www.svmic.com). Notable changes include new assessment tools, Non-Opioid therapies appendix and an updated urine drug testing appendix.

Owners of Pain Clinics in Tennessee have new guidelines outlining the requirements of the Medical Director, pain management specialist and clinic owners. Notably, the guidelines state: Medical directors and pain specialists should have a direct and supervisory role in the care of their pain patients. Direct involvement in care includes:

  1. If the plan of care is initiated by a nurse practitioner or physician assistant, the medical director or the pain specialist should see the new patient within 30 days of the initial evaluation when opioids are a part of the plan of care. The medical director must be actively involved in ongoing patient care.
  2. Medical directors are responsible for establishing and documenting a system of medical oversight that ensures at least an annual face to face visit with the medical director and/or pain specialist for opioid management.

Additionally, there are new “Pain Medicine Clinic Effective Practices” for establishing quality of care which may be used during review or evaluation of a pain clinic’s practices. Examples of best practices are outlined in the following categories:

  • Individualized interdisciplinary care is provided with clinically appropriate and timely adjustments.
  • There is evidence of effective care coordination.
  • There is evidence of timely screening for substance use disorder and referral as clinically appropriate.
  • Functional outcomes are used as the primary measure of success of treatment.
  • There is ongoing emphasis on patient education.
  • Naloxone is prescribed for patients at higher risk for overdose or overdose death.
  • There is evidence of compliance with legal requirements for licensed pain medicine clinics.

Changes in Federal Alcohol & Drug Abuse Regulations

Providers offering alcohol and drug abuse treatment should also be aware of a recent change in the federal Confidentiality of Alcohol and Drug (A&D) Abuse Patient Records regulations.  There were a number of changes implemented in the final rule with an effective date of February 17, 2017.  The changes were intended to update and modernize the nearly 30-year old regulations and to “facilitate information exchange within new health care models while addressing the legitimate privacy concerns of patients seeking treatment for a substance use disorder.” 

Given the sensitivity of the information contained in these records, the regulations at 42 CFR Part 2 provide more stringent privacy protection than many other health privacy laws, including HIPAA.  Regarding the changes to these confidentiality provisions, the new regulations permit a patient to consent to the disclosure of their information using a general designation (e.g., “my healthcare providers”) in certain circumstances.  This revision is intended accommodate patients being treated in integrated health care systems but patients are not required to permit such categorical disclosures.  For patients who have agreed to a general disclosure designation, patients can request a list of entities to whom their information has been disclosed to.  The regulations have also been updated and modernized to address both paper and electronic documentation.  Providers subject to the 42 CFR Part 2 Rules should remember that, unlike medical records under HIPAA, disclosures of A&D records must be accompanied by a notice regarding the prohibition on re-disclosure of the records.  The A&D record rules also have a specific disclosure form content requirement.


Justin Joy, JD, CIPP

About the Author

Justin Joy is an attorney with Lewis, Thomason, King, Krieg & Waldrop, P.C. He has a variety of experience in the area of information privacy and cybersecurity including security incident investigation, security awareness and policy drafting, cyber risk management including insurance policy coverage consultation and breach response management. He also provides counsel  in healthcare liability defense and healthcare compliance matters. As Lewis Thomason's chief privacy officer, Justin promotes an awareness of privacy and security-related issues for the firm. Justin has earned the Certified Information Privacy Professional/United States (CIPP/US) credential through the International Association of Privacy Professionals (IAPP).


The contents of The Sentinel are intended for educational/informational purposes only and do not constitute legal advice. Policyholders are urged to consult with their personal attorney for legal advice, as specific legal requirements may vary from state to state and/or change over time.