Three ways providers get HIPAA right of access wrong

The HIPAA Privacy Rule Right of Individual Access allows patients to request copies of their healthcare records. However, many provider organizations misinterpret this rule, leading to noncompliance and potential fines. Deven McGraw, chief regulatory officer at Ciitizen, highlights three common areas of noncompliance: only accepting requests by mail or fax, struggling with digital signatures, and requiring in-person visits for record requests. McGraw and Jodi G. Daniel discuss these issues in detail in their HIMSS20 Digital educational session.