The Beckage Health Law team continues to monitor OCR developments that relate to patient access rights. In 2020, it became clear that patient right of access to records is a significant priority of the Office of Civil Rights (OCR), under the Department of Health and Human Services (HHS). Just last month OCR reported on a settlement, audit results, and proposed rules, all focused on patient access to records.
For example, on December 22nd, OCR announced the settlement of its 13th investigation focused on health records access. The investigation followed a patient complaint to the OCR after the patient was unable to obtain records from his primary care provider on two separate occasions in 2019. Emphasizing the importance of workforce training and documentation, the OCR issued a $36,000 fine and required the provider to update its Designated Record Set Policy as part of the Corrective Action Plan.
In December, we also saw the release of an audit report on health industry compliance for audits conducted during 2016-2017. The December 17, 2020 report reveals findings for audits of randomly selected entities and business associates. Of note, most organizations failed to include appropriate content in plain language in their Notice of Privacy Practices, and often missing content related to individual rights. Moreover, the report notes that many entities did not have appropriate policies, procedures, and documentation to demonstrate compliance with rules about how to respond to requests for records.
Finally, as described more fully in Beckage’s recent blog posted about HHS proposed rules OCR proposed amending the HIPAA Rule, including amendments to expand patients’ rights to access records, increase transparency about these rights, and shorten providers’ time to respond to records.
These three developments reaffirm OCR’s strong commitment to enforce the patient access rules, which we expect will continue in 2021.
Beckage health law attorneys work with hospitals, health care providers and business associates to develop a compliance program tailored to mitigate risk. Our team has significant experience in OCR enforcement matters and investigations. We recommend that clients prioritize a review of their Notice of Privacy Practices and as well as patient access policies to help mitigate risk. Reach out to our Beckage Health Law team for assistance analyzing these and other regulatory and legislative matters.
*Attorney advertising. Prior results to not guarantee a similar outcome.
Subscribe to our newsletter.