Back

The Patient Record Scorecard

A deep analysis showing how medical record providers comply with the HIPAA Right of Access based on patient requests.

Scorecard reflects responses to patient requests for access from 2/10/19 – 2/13/20. Scoring is ongoing.

Don’t have a score yet? View the HIPAA Right of Access Survey to see an indication of compliance.

Contact us about your institution’s score.

Methodology.

Back to Top

Health Institution

Score

Reported As Of

Non-HIPAA compliant

HIPAA compliant Substantial intervention

HIPAA compliant Minimal intervention

HIPAA compliant Seamless process

HIPAA compliant Patient focused

21st Century Oncology 2270 Colonial Blvd, Fort Myers, FL

2/13/20

21st Century Oncology – Andalusia 104-A Medical Park Dr., Andalusia, AL

2/13/20

5th Avenue Millennium Aesthetic Surgery 1125 5th Avenue, New York, NY

2/13/20

Aaron Smith Plastic Surgery 5901 Corporate Drive, Colorado Springs, CO

2/13/20

ABC medical 8 Medical Parkway Plaza II, Suite 106, Dallas, TX

2/13/20

Abilene Regional Medical Center 6250 U.S. 83, Abilene, TX

2/13/20

Adena Regional Medical Center – Chillicothe 272 Hospital Road Chillicothe, OH 45601, Chillicothe, OH

2/13/20

Advanced Internal Medicine Care 5425 Florida Avenue South, Lakeland, FL

2/13/20

Advanced Urology – Redondo Beach and Westchester 8540 S Sepulveda Blvd suite 911, Los Angeles, CA

2/13/20

AdvantageCare Physicians 500 5th Avenue, New York, NY

2/13/20

AdventHealth Cancer Institute – Altamonte Springs 601 East Altamonte Drive, Altamonte Springs, FL

2/13/20

AdventHealth Tampa 3100 East Fletcher Avenue, Tampa, FL

2/13/20

Adventist Health and Rideout 726 4th Street, Marysville, CA

2/13/20

Advocate Good Samaritan Hospital 3815 Highland Avenue, Downers Grove, IL

2/13/20

Advocate Illinois Masonic Medical Center 836 West Wellington Avenue, Chicago, IL

2/13/20

Advocate Sherman Hospital 1425 North Randall Road, Elgin, IL

2/13/20

Alazar Medical Group 895 North Nolan River Road, Ste 102, Cleburne, TX

2/13/20

Allegiant Spine Institute 7140 Smoke Ranch Road, Las Vegas, NV

2/13/20

Allergy, Asthma and Immunology : Dr Iraklis Livas 1019 Majestic Dr #210, Lexington, KY

2/13/20

Allina Health 333 Smith Ave N, St Paul, MN

2/13/20

Alpha Omega Physical Therapy 861 E Cooley St b, Show Low, AZ

2/13/20

Altru Clinic Roseau 711 Delmore Drive, Roseau, MN

2/13/20

Alvernon Allergy and Asthma 6261 N La Cholla Blvd # 101, Tucson, AZ

2/13/20

AMITA Health Saint Joseph Medical Center 333 N. Madison St., Joliet, IL

2/13/20

Amita St. Joseph Hospital 2900 North Lake Shore Drive, Chicago, IL

2/13/20

Ampla Health – Yuba City 935 Market Street, San Francisco, CA

2/13/20

Ann and Robert H Lurie Childrens Hospital 225 East Chicago Avenue, Chicago, IL

2/13/20

Annapolis Endocrinology 108 Forbes St #2, Annapolis, MD

2/13/20

Anne Arundel Medical Center 2001 Medical Pkwy, Annapolis, MD

2/13/20

Anne Arundel Urology 600 Ridgely Ave #130, Annapolis, MD

2/13/20

Aras Zlioba 219 N Hammes Avenue, Joliet, IL

2/13/20

Arizona Center For Cancer Care 10460 North 92nd Street, Scottsdale, AZ

2/13/20

Arizona Eye Consultants 6422 E Speedway Blvd #100, Tucson, AZ

2/13/20

Arizona Kidney Disease and Hypertension Centers Flagstaff, AZ

2/13/20

Arizona Oncology 3188 North Windsong Drive, Suite A, Prescott Valley, AZ

2/13/20

Arizona Oncology 19646 N 27th Ave Suite 406, Phoenix, AZ

2/13/20

Arizona Oncology and Hematology 2222 E Highland Ave Suite 400, Phoenix, AZ

2/13/20

Arizona Oncology Associates 2222 E Highland Ave Suite 400, Phoenix, AZ

2/13/20

Arizona Transplant Associates 2218 North 3rd Street, Phoenix, AZ

2/13/20

Art of Medical Care 499 East Hampden Avenue, ste 450, Englewood, CO

2/13/20

Arthrocare 2451 E Bayside Rd Ste. 440, Gilbert, AZ

2/13/20

Asante Rogue Regional Medical Center 2825 East Barnett Road, Medford, OR

2/13/20

Asante Three Rivers Medical Center 500 Southwest Ramsey Avenue, Grants Pass, OR

2/13/20

Ascension St. Mary’s Hospital 2251 North Shore Drive, Rhinelander, WI

2/13/20

Ascension St. Vincent 2001 West 86th Street, Indianapolis, IN

2/13/20

Ascension St. Vincent Anderson Regional Hospital 2015 Jackson St, Indianapolis, IN

2/13/20

Aspirus Wausau Hospital 333 Pine Ridge Boulevard, Wausau, WI

2/13/20

Atlantic Health Morristown Medical Center 100 Madison Avenue, Morristown, NJ

2/13/20

Atlantic Hematology/Oncology 19 Davis Avenue, 2nd Floor, Neptune City, NJ

2/13/20

Atlantic Medical Imaging – Wall Location Ramhorn Executive Office Unit B, 2399 New Jersey 34, Manasquan, NJ

2/13/20

The Patient Record Scorecard Methodology

The Patient Record Scorecard grades health care providers on how well they comply with a patient’s request, under the HIPAA Privacy Rule, to get copies of their medical records. Although there are a number of state laws that set a higher bar for patient access to records, only compliance with the HIPAA Privacy Rule was evaluated.

The score – between 1 to 5 stars – is based on the response of health care providers to one or more actual records requests submitted by patients (the patients request that their information be sent to their Ciitizen personal health record accounts). Ciitizen helps these patients by following up with each provider to make sure the patients’ requests get fulfilled.

The goal of the Patient Record Scorecard is to encourage and guide every health care provider to ultimately reach and maintain five stars.

How we reach the score

The star ratings are based on compliance with four key components of the HIPAA Right of Access:

Accepts requests by email or fax: Providers may not create a barrier to access by requiring patients to submit requests in person or by mail. (45 CFR 164.524(b)(1), https://www.hhs.gov/hipaa/for-professionals/faq/2036/can-an-individual-through-the-hipaa-right/index.html)

Sent in format requested: The provider sends the records in the format the patient requests, which is in digital – including by email – for text, CD for images. (45 CFR 164.524(c)(2)(ii)), https://www.hhs.gov/hipaa/for-professionals/faq/2060/do-individuals-have-the-right-under-hipaa-to-have/index.html.

Sent within 30 days*: The provider responds to the request within 30 days of receipt. (45 CFR 164.524(b)(2)(i))

*Providers can get credit for meeting the “within 30 days” component if within 30 days they provide a written statement of reasons for the delay and the date by which the records will be provided, and if the records are received within 60 days of receipt.

No unreasonable fees: Providers may only charge reasonable, cost-based (i.e., minimal) fees to cover labor costs of copying and supplies. (45 CFR 164.524(c)(4))

Star Ratings

One-Star - Non-HIPAA compliant​

Providers get one star for accepting an access request from a patient by fax or e-mail. This means the provider at least has a HIPAA-compliant process in place for accepting patient record requests (for example, the patient is not asked to mail in a request or make the request in person).

Two-Stars - HIPAA compliant Substantial intervention​

A provider earns two stars if they:

  • Meet all four of the HIPAA compliant components
  • Request had to be escalated more than once to a supervisor or the provider’s privacy official to ensure it was fulfilled in compliance with HIPAA. The need for intervention puts undue burden on the patient.

Three-Stars - HIPAA compliant with minimal intervention​

A provider earns three stars if they:

  • Meet all four of the HIPAA compliant components
  • Request required only one escalation to a supervisor or chief privacy officer to educate, and bring to their attention, that staff were not meeting HIPAA requirements.

Four-Stars - HIPAA compliant with seamless process​

A provider earns four stars if they:

  • Meet all of the HIPAA-compliant components
  • Request was processed seamlessly (i.e. without the need for any additional escalations to supervisors or privacy officials).

Five-Stars - HIPAA compliant and patient focused​

Providers who earn five stars go above and beyond to put patients first by doing the following:

  • Send records in five days or less
  • Accept external request forms (i.e., not requiring that patients use a specific form)
  • Provide patients their records for free

For those health care providers where more than one request was submitted, the score reflects the provider’s performance based on the most recent records request. The Scorecard will be revised every three to six months to include new entries and updated scores from existing providers.