The summer movie season is now officially in full swing, with the release of three informational videos regarding HIPAA and the right of individuals to access their medical records, published by the Office of Civil Rights of the Department of Health and Human Services.
The video trilogy, and accompanying infographic, are the eagerly-awaited sequel to OCR's guidance "Individuals' Right under HIPAA to Access their Health Information 45 CFR § 164.525," issued earlier this year. That guidance is essential reading for companies operating in the medical records space, as it sets forth OCR's views on such topics as how records must be provided upon request, methods for calculating reasonable fees for copies, and provision of medical records to third parties at a patient's direction.
Like many sequels, the videos do not break much new ground, but they do suggest the kinds of questions OCR receives and its emerging areas of focus. One clear message is OCR's focus on health-related mobile device applications; one video gives the example of a heart-health application that tracks cholesterol and other heart-health indicators received from medical testing. The guidance notes that providers, when faced with a request to make information directly available to mobile applications, must analyze whether such provision is feasible and would not represent an unacceptable level of security risk to the provider's systems.
To view Foley Hoag's Security, Privacy and The Law Blog please click here
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
