More than a quarter of medical record providers are not compliant with the HIPAA Right of Access.
Providers without a score:
View the HIPAA Right of Access Survey to see an indication of compliance.
What does it mean to be compliant with the HIPAA Right of Access?
Record requests must be accepted by email or fax.
Records must be sent in the format requested – if that format can be readily produced.
Records must be sent within 30 days.
No unreasonable fees should be charged for records.
Want to improve your score?
Diagnosed with breast cancer, May 16, 2016
Diagnosed with Ovarian Cancer, September 2, 2016
Metastatic breast cancer since March 2014
Highlighting Five-Star Providers
“[The Scorecard] helps patients understand and know that we value their rights—that their right to access is very important to us and we hold it very high in terms of patient satisfaction as well as from the clinical perspective…. We understand the impact that [access to their records] may have on their overall care.”
RHIA, Director of HIM and Clinical Documentation Improvement (as reported in For the Record Magazine, March 2020)
“City of Hope Duarte Cancer Center has truly demonstrated their commitment to putting the patient first. Their medical records request fulfillment process is an excellent example of how seamless it can and should be for patients to be able to obtain all of their health information.”
Director, Records Retrieval, Ciitizen
The HIPAA Right of Access Webinar Series
Join Deven McGraw, Chief Regulatory Officer at Ciitizen, to discuss HIPAA Right of Access regulations, increased OCR enforcement, removing unnecessary friction, and putting patients first.
Sign up to receive information about:
Patient Record Scorecard updates, upcoming HIPAA Right of Access webinars, personalized webinars for your team, in-person feedback about improving your score, and more.