Troubling Practices by Hospitals for Patients’ Access to Medical Records Uncovered

Laura Gerdes Long

By Laura Gerdes Long

A new study published in JAMA Network Open and conducted by Yale University School of Medicine found troubling practices at U.S. hospitals relating to patients’ access to and provision of patients’ own medical records.  HIPAA’s Privacy Rule absolutely requires access to a medical record when properly requested under two circumstances:  (1) to the patient; and (2) to the Secretary of the Department of Health and Human Services.  Further, the patient must be provided records in his or her preferred format and for a reasonable processing fee.  Shockingly, only 53 percent of the hospitals surveyed provide patients an option to obtain their own medical records.  (Eighty-three top-ranked U.S. hospitals in 29 states were surveyed.)

The blame for these results or findings should not be placed on HIPAA, but rather, the policies and procedures in place, and clearly not in place, at many of the top-ranked hospitals in the U.S.  The process at many hospitals is overly complicated, despite a patient’s entitlement to both paper and electronic records.

A full 15 years following the implementation of the HIPAA Privacy Rule should be a sufficient amount of time for hospital staff at registration desks, and in billing offices and medical records departments to be able to properly satisfy HIPAA’s Privacy Rule mandates.

For a full analysis of the study, please click here.

Posted by Attorney Laura Gerdes Long. Long practices in tort, insurance defense, legal malpractice, health care, and employment law. Well-versed in employment law policies and processes related to HIPAA, she serves as a trainer and advisor to health care providers, insurers, self-insured employers, and municipalities.

Comments are closed.