Lexology March 22, 2021
Holland & Hart LLP

With limited exceptions,1 HIPAA generally gives individuals the right to access or obtain copies of their protected health information (“PHI”) from covered entities. (45 CFR ยง 164.524(a)). But the right of access does not apply to all PHI that a covered entity might have; instead, individuals only have a right to access information in their “designated record set”. This article summarizes relevant standards for determining which records patients have a right to access.

1. Government Focus on the Right of Access. The right of access has been a priority for the Office for Civil Rights for several years. In 2016, the OCR published comprehensive guidance on individual access rights. (https://www.hhs.gov/hipaa/for-professionals/privacy/guidance/access/index.html). In 2019, the OCR launched its “Right of Access Initiative”...

Today's Sponsors

LEK
ZeOmega

Today's Sponsor

LEK

Continue Reading

 
Topics: Govt Agencies, Healthcare System, HIPAA, Patient / Consumer, Privacy / Security, Provider
Related Articles:
Addressing The HIPAA Blind Spot For Crisis Pregnancy Centers
6 Important Takeaways for HIPAA Covered Entities and Business Associates from 2024 NIST HHS OCR Conference
HHS settles 2 ransomware investigations as attacks rise
Safeguarding Health Information: Takeaways from HHS and NIST 2024 HIPAA Security Conference
White House OMB is reviewing proposed cybersecurity updates to HIPAA

Share This Article