How Does Your Practice Respond to a Patient’s Right of Access?

How does your practice respond to a patient’s request to access their records? The HIPAA Privacy Rule gives patients the right to see and get copies of their health information. Providers are required to respond to those requests in a timely manner and only charge the patient a reasonable fee. Since the original HIPAA Privacy Rule was published, conflicting guidance has caused a lot of confusion about the process. Patients who have trouble getting copies of their records or are charged high fees for copies have filed complaints with The Office for Civil Rights (OCR). The OCR issued its 27th Right of Access Initiative settlement agreement in March 2022.

Join Abby G. Mitchell, HCISPP, CRISC, CHPC, CHC, as she gives an update on the OCR’s Right of Access Initiative and walks you through the requirements for patient access requests, permitted fees, and what to consider when developing your process.

After attending this webinar, an attendee should be able to:

  • Discuss the importance of the patient’s right of access granted by HIPAA
  • Identify the components of a designated record set.
  • Describe the different types of access requests.
  • Recall guidance on allowable fees for access requests.

 

Lecturer – Abby G. Mitchell, HCISPP, CRISC, CHPC, CHC

Abby began her career as a corporate paralegal and has worn many hats in large companies as well as healthcare startups. Prior to joining Total Medical Compliance, she served as Privacy Officer and Data Governance Liaison at CoverMyMeds. Abby earned a bachelor’s degree in German translation and paralegal studies from Kent State University and holds privacy and security certifications from the Health Care Compliance Association, ISACA, and ISC2. She currently volunteers as the Vice President of the Charlotte, North Carolina Chapter of the Information Systems Security Association.

No CE credit for the recorded version.

On-Site Consulting Services Available

Along with your on-site full service program, you’ll receive all the compliance components you need to be OSHA and HIPAA compliant. You have access to online training for new hires or those that missed any on-site training. 

What to expect when we visit: Your TMC consultant will go through your facility and do a thorough facility audit with an electronic report, go over the Compliance manual, and provide on-site training. 

For our OSHA clients, we provide you with a complimentary spill kit, secondary labels, and meet with your Safety Officer and review their duties.

For HIPAA clients, your facility audit will identify any privacy and security concerns, we’ll provide you with a risk analysis report for your facility, and we’ll meet with your Privacy/Security Officer to review their duties. 

Whether you choose us for OSHA, HIPAA, or both, we will work with you to achieve compliance to create a long-lasting relationship rather than just providing a how-to guide leaving you to do all the work. Our goal is to be your primary resource for HIPAA, OSHA, and Infection Control compliance.