Government & Policy

Will providers deny patient requests to email medical records?

By Tom Sullivan
September 16, 2013
12:39 PM

As a self-described “rabble rouser” Brian Ahier plans to ask his doctor to send a medical record to a free e-mail account, if only to see what happens, after the omnibus HIPAA Final Rule on Privacy and Security kicks in.

“It’s obviously not the biggest thing in the omnibus rule but it’s there, relatively unknown,” Ahier, founder of Advanced Health Information Exchange Resources (AHIER) said. “And that makes it incredibly interesting.”

Ahier is not the only one to think that.

For a brief stretch Monday morning Twitter was ablaze with Tweets bearing the #NHITweek or #HealthITWeek hashtags and replete with surprise at OCR director Leon Rodriguez’s revelation about what was at the core of the most significant HIPAA violation to date.

@motorcycle_guy @motorcycle_guy:

9:53am via Twitter for iPad

The single largest HIPAA settlement was not about security or privacy, but access $4.3M #HealthITWeek

What’s more …

@Lygeia@Lygeia

10:30am via Twitter for iPhone

New OCR #hipaa clarifications say u can get your electronic health info sent wherever YOU want #bluebutton

Indeed, when the omnibus rule kicks in on September 23, among the perhaps lesser-known changes will be that, if asked, providers must send a patient’s medical record to whatever email address said patient offers.

“The doctor is allowed to warn them of the risks, however, they’re not allowed to deny that request,” Ahier said. “So if a patient wants you to send it to their Hotmail, you have to send it to their Hotmail — and I don’t think a lot of healthcare organizations realize that.”

Ahier said he is expecting this to trip up many providers in the short-term, particularly problematic because OCR has indicated that it will aggressively enforce the patient access rights that are expanding under the HIPAA omnibus rule.

“Certainly if you go to the medical records division or the records release folks, the staff that are going to be dealing with these types of requests would respond by saying ‘No, I’m sorry we can’t do that. That’s not secure,’” Ahier explained. “There will be providers that won’t do that and it’s actually a violation of HIPAA law to deny the patient that right.”

For more on the new patient rights under HIPAA, OCR posted a three-minute video to YouTube that also explains some of the marketing and fundraising changes.

See also:

What scares health pros most about omnibus HIPAA

4 risk factors to understand about HIPAA final rule on privacy and security

Want to get more stories like this one? Get daily news updates from Healthcare IT News.
Your subscription has been saved.
Something went wrong. Please try again.

Top Story

VA building signage
House passes veterans healthcare package without RESET Act

Most Read

What Loper Bright and the end of Chevron deference mean for HHS
India to harness ABDM data to develop public AI
South Korea to digitise medical image exchange system
ASTP intros 2024 draft Federal FHIR Action Plan
VA must strengthen controls addressing EHR performance
HHS investing $75 million in rural healthcare infrastructure

Research

White Papers

More Whitepapers

Patient Engagement
Patient Engagement
Financial/Revenue Cycle Management

Webinars

More Webinars

Imaging
Interoperability
Artificial Intelligence

More Stories

Dr. Benoit Desjardins of the University of Montreal
Cyberattacks are becoming more widespread, and more disruptive
Northwestern Medicine
Northwestern Medicine announces international healthcare collaboration
BJ Schaknowski of symplr
Too many IT systems with limited alignment impacts care quality
Doctor in scrubs using computer
Tenet to deploy AI platform across its physician network
Healthcare CIO with other healthcare executives
Health system CIOs' strategic responsibilities continue to evolve
George Pappas at Intraprise Health_Digital shield and lock Photo by da-kuk/Getty Images
Tighter cyber mandates hold New York providers to higher security standards
Clinicians look at diagnostic imaging
American College of Radiology launches AI quality registry
A doctor with glasses sits at a desk and speaks during a telehealth visit.
DEA and HHS extend virtual prescribing for controlled substances through 2025