Electronic Health Records

Use & Optimization News

HIPAA Changes to Help Patient Access to Health Information

“The guidance released yesterday is an important step forward in helping patients exercise their right to access their health information under HIPAA, including electronically."

By Sara Heath

Earlier this week, the Department of Health & Human Services (HHS) announced several changes to HIPAA, increasing patient access to health information.

These changes are applauded by the industry stakeholder group the National Partnership for Women & Families and the members of its GetMyHealthData campaign.

According to a press release from the organization, these HIPAA changes will help improve the healthcare industry at large by creating more clarity for how patients may access their health information, and opening up more pathways by which they can access the information.

Officials from the National Partnership for Women & Families explained in the press release the findings they have uncovered regarding patient access to health information. According to a cohort of patient testimonials, receiving one’s health information under HIPAA guidelines can often be confusing, and that confusion can put limitations on how much personal health information patients are able to access.

“The guidance released yesterday is an important step forward in helping patients exercise their right to access their health information under HIPAA, including electronically. Our cadre of volunteer ‘tracer’ patients has found that, unfortunately, confusion surrounding HIPAA persists and often means that patients don’t get the kind of access to their health care information they need,” said the campaign’s coordinator Christine Bechtel.

Through several clarifications provided by HHS, the campaign members hope that patient access to health information will become easier in the future.

Specifically, the HHS notice states that providers should respond to patient requests as soon as possible, and that they cannot require patients to pick up their health information in person. The HHS announcement also addressed several challenges specifically identified by the GetMyHealthData Campaign, including:

  • How patients may request their records, making clear that providers cannot require patients’ physical presence or the use of regular mail.

  • If a patient requests a particular electronic format (e.g., a machine-readable format such as a CCDA or PDF), electronic copies must be provided as long as the health care provider is able to readily produce a copy in that format. HHS is clear that the form and format of the records request is a question of provider capability (rather than willingness).

  • The scope of the information patients can obtain, per the “designated record set,” includes medical records; billing and payment records; insurance information; clinical laboratory test results (including genomic information generated by a clinical laboratory); wellness and disease management program files; and clinical case notes.

  • The time requirement for patients to receive their records is still 30 calendar days but HHS clarifies that with modern electronic health systems, turnaround time could be shorter and encourages providers to treat the 30-day mark as an “outer limit.”

The clarifications also include information regarding the transmission of health data to someone other than the patient (such as a family caregiver) and HIPAA-regulated patient access to health information under meaningful use requirements. All of these have also received praise from the GetMyHealthData Campaign.

“HHS’ guidance is helpful for health information management professionals who have long been committed to ensuring that patients can get their data in a timely manner,” said AHIMA CEO Lynne Thomas Gordon, MBA, RHIA, CAE, FACHE, FAHIMA. “We’re enthusiastic about sharing these new resources with our members, many of whom serve as liaisons between patients and health care providers, to improve the availability of health information across the health care landscape.”

These new HIPAA provisions were spurred by the national debate regarding the purchase of firearms. Several of the key components of the HIPAA changes allow covered entities to share health information with the National Instant Criminal Background Check System (NICS). This is all intended to close any gaps in who receives a background check when purchasing a firearm.

According to the new rule, these changes will only apply to a small subset of behavioral health entities who are able to contribute information for a background check, and will not disturb the patient-provider relationship:

“This rule applies only to a small subset of HIPAA covered entities that either make the mental health determinations that disqualify individuals from having a firearm or are designated by their States to report this information to NICS – and it allows such entities to report only limited identifying, non-clinical information to the NICS."




Sign up to continue reading and gain Free Access to all our resources.

Sign up for our free newsletter and join 60,000 of your peers to stay up to date with tips and advice on:

EHR Optimization
EHR Interoperability

White Papers, Webcasts, Featured Articles and Exclusive Interviews

Our privacy policy

no, thanks

Continue to site...