Electronic Healthcare Records , Fraud Management & Cybercrime , Governance & Risk Management

Providing Patients With Records Access: Overcoming Challenges

Rita Bowen of MRO Corp. Discusses HIPAA 'Right of Access' Compliance Lessons
Providing Patients With Records Access: Overcoming Challenges
Rita Bowen, vice president of privacy, compliance and health information management policy, MRO Corp.

As federal regulators intensify their focus on compliance with requirements to provide patients with access to their health information, healthcare organizations need to sort through a variety of emerging challenges, says health information management and privacy expert Rita Bowen.

The Department of Health and Human Services' Office for Civil Rights has issued more than a dozen HIPAA settlements - ranging from $3,500 to $160,000 - in cases involving covered entities failing to provide timely access to a patient's requested health information.

Under HIPAA, covered entities must within 30 days fulfill patients' requests for copies of their health information in the format of their choice. But under a proposal issued by HHS OCR this month to modify the HIPAA Privacy Rule, that compliance timeframe could potentially be reduced to 15 days (see: HHS Reveals Proposed Changes to HIPAA Privacy Rule).

Additionally, the 21st Century Cures Act's interoperability and information blocking regulations slated to take effect in April aim to bolster patients' ability to access their electronic health information in real time via their smartphones through standards-based application programming interfaces (see: HHS Delays Data Sharing Regulation Deadlines).

Healthcare organizations need to examine if their policies and procedures involving patient record access requests need modifications or if their workforce needs additional training on how to comply, Bowen says.

In the interview (see audio link below photo), Bowen also discusses:

  • Evolving challenges involving patients' rights to access to their health information, including voice files;
  • Other lessons emerging from OCR's dozen HIPAA settlements involving records access disputes;
  • Considerations involving patient access to health information under the 21st Century Cures Act regulations.

Bowen is vice president of privacy, compliance and health information management policy at MRO Corp., a Norristown, Pennsylvania-based health information management vendor. She has more than 40 years of experience in health information management. She serves on The Sequoia Project board of directors and is an active member of its interoperability work group. Bowen is also a former president and board chair of the American Health Information Management Association.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.