Many patients understand that the Health Insurance Portability and Accountability Act of 1996 (better known as HIPAA) is a law that prevents medical data from access by unauthorized individuals. It might not be clear what the law defines as an unauthorized individual but it is certainly not the patient. According to HIPAA, patients have a right to their own medical records and can give express authority to people or institutions that can access the data. Other patient rights under this law allow for correction of mistakes in the information and updates on people who accessed the file.
Despite the fact that these rights are given in a straightforward manner, 30% of patients have no idea or simply do not believe that they have a right to access their own medical records. Of the 70% that knew that they had the right, 40% never bothered to get their data mainly because they thought that the process would be too complicated. Out of those who took the step to access their medical data, more than 70% reported it as being beneficial. HIPAA is a complex legal document and while there is regulation to ensure extensive medical personnel HIPAA training, the public is left out. That is where we come in.
Access to personal health care data
In exercising this right, patients are required to submit a written request. Some institutions will ask for a certain fee while others will provide you with your data without charge. Although the OCR encourages free service in accessing medical data, some institutions factor in administrative costs such as postage and copying. Unless there are systemic challenges, the subject of your request should be with you within 30 days of application. Do you have outstanding bills and are concerned your request will not be honored? HIPAA rules that patients cannot be denied access to their data for failing to meet their financial obligations.
Healthcare facilities will give you data in either hard copy or electronic format in line with your preference. Provide a mobile phone of your choice or even a list of caretakers, family members or friends where the data can be sent. At least, have the data encrypted so that people without your express authority to access will not understand the content when they see it.
Correction of errors
If you are given access to your medical data and realize that some information is wrong or missing, a request can be made to change it. a healthcare professional must first agree to the error but if they do not, the proposal can still be indicated on the file. Approved corrections should reflect in your file within 60 days of making an application.
Knowledge of unauthorized access to data
HIPAA law protects data from being shared out to individuals who are not directly authorized by the patient. If data is accessed by unauthorized persons, the patient must be notified.