Department of Health
HIPAA Protecting Health Information District of Columbia Department of Health State Center for Health Statistics Administration
HIPAA Privacy and Security Regulations: A Synopsis of the Relevant Mandates of Title II (Administrative Simplification)
Health Insurance Portability and Accountability Act of 1996 Public Law 104-191
In 1996 President Clinton signed the Health Insurance Portability and Accountability Act (HIPAA). This law mandates action that seeks to: 1) ensure continuity of healthcare coverage for individuals changing jobs; 2) impact on the management of health information; 3) simplify the administration of health insurance; and 4) combat waste, fraud, and abuse in health insurance and health care.
Title II: The Security and Privacy Mandates
Title II of the HIPAA law (also known as Administrative Simplification) includes requirements for ensuring the security and privacy of individuals’ medical information. The standards aim to maintain the right of individuals to keep private information about themselves.
The Department of Health and Human Services is charged with developing and issuing regulations to address these requirements. The final privacy rule was released April 14, 2001; compliance is now required by April 2003. The security rule is being finalized; the released date is expected to be June/July 2001.
HIPAA regulations protect medical records and other “individually identifiable health information” (communicated electronically, on paper, or orally) that are created or received by covered health care entities that transmit information electronically.
“Individually identifiable health information...” includes any information, including demographic information collected from an individual; and any information that identifies an individual, or could be reasonably believed to identify an individual HIPPA protects “individually identifiable health information” which… relates to the past, present, or future physical or mental health condition of an individual, the provision of health care or the payment for such care is maintained or transmitted, and is (or has been) in electronic form is used or disclosed by covered entities.
HIPPA rules were put in place to protect the privacy of medical records of the individual. Medical records can not be given to a 3rd. party without the written consent of the person whose medical records they are.
If the medical records are YOURS, you are entitled to a get copy of any and all,including labs, scan report reports, etc from the entity that has them...doctor's office, hospital, lab, or whomever. You may have to pay a reasonable cost for copying if your chart is large, but none of the practices that I ever worked for charged a patient. If an insurance company requests records and provides a patient signed permission form, the usual cost should be between $25-50, paid by the insurance company.
If you want medical records from anything done in a hospital, all you have to do is go to the "medical records" department and sign the proper forms. They may be able to copy a page or two while you wait, a large chart may take time.
If you are in the hospital and want medical records of your stay, it is best to make the request the day before you are released. You can send a representative to the medical records department to pick up and return the form or ask for a hospital social worker or patient representative to come to your room with the forms for you to sign.
If you are at a hospital or scan facility, you can request that a copy of your scan (digital cd or x-ray) be made for you at that time. If they are not able to make you a copy on the spot, get a specific day that one will be ready for you to pick up. They can also mail you a disc, if getting back to the facility is difficult. The actual written report will take a day or two as it has to be read by the proper person, dictated, typed, signed and filed. You should also ask when you can pick up this written report or ask that it be mailed directly to you.
If you want a copy of a drawn lab, biopsy, or the like, the same process as a written report should be followed, as it takes time to process the written report.
NEVER let a doctor tell you that you are not entitled to your medical records, or that you should not have a written report of a test that you have had done. Some doctors think they are "protecting" the patient from information that they "perceive" that the patient does not want to know. Some doctors DO NOT WANT an informed patient that will ask questions. They do not want to have to explain the terms on the reports. An informed, proactive patient is not what many doctors want.
It is your right to have your medical information, so that you may make informed decisions on your own healthcare!!! Be informed and proactive!!!