HIPAA Privacy Regulations under Designated Record Set (DRS)

Event Information
Product Format
Prerecorded Event
60 minutes
Product Description

HIPAA Designated Record Set (DRS) to Meet Patient Rights Requirements & Satisfy HHS OCR Investigators

Several of the patient rights under HIPAA depend on your understanding of what constitutes records in the HIPAA Designated Record Set. Patients are only allowed to request access or amendment of information in your official Designated Record Set (DRS), but recent enforcement and audit activity indicates that not all HIPAA Covered Entities understand what constitutes records in the DRS, and do not always meet patient rights requirements that depend in an accurate understanding of the DRS.

The Designated Record Set is not a new concept in HIPAA, but it is newly important, as patients now have greater access to their information and are more able to view it and ask for corrections when they see errors. Issues relating to the DRS have been identified by HHS Office for Civil Rights officials as some of the most frequently reported HIPAA compliance issues, pertaining to proper provision of access and amendment rights, and having a clear understanding of exactly what records are considered to be within the organization’s Designated Record Set. Enforcement and Audit activity is expected to focus on DRS-related issues of access and amendment, and having your DRS clearly defined and understood is essential to meet patient rights and satisfying HHS OCR investigators.

In this session, expert speaker Jim Sheldon-Dean will show why the Designated Record Set must be defined, and its significance to HIPAA rights for individuals. Jim will show how defining the DRS fits into other HIPAA Privacy and Security activities—and how ignoring the process of defining your DRS was the top privacy issue discovered in the 2012 HIPAA Audits. You will understand how not providing for the exercise of patient rights can lead to fines of more than a million dollars in enforcement actions.

Session highlights:

  • Learn what the definition of the HIPAA Designated Record Set is and why it is important.
  • Learn how to go about defining your Designated Record Set.
  • Learn about how to leverage HIPAA Security Rule compliance activities to help in the definition of your Designated Record Set.
  • Find out about sometimes forgotten data that belongs in the DRS at your organization.
  • Find out what the HIPAA Privacy regulations require for documenting the DRS.
  • Discover the processes you must have in place for the proper approval and denial of access of records by individuals as appropriate, including processes for the review of certain denials of access.
  • Find out about HIPAA requirements for handling requests to amend records, as well as the requirements to protect all PHI, including that in the Designated Record Set.
  • Learn about how the HIPAA audit and enforcement activities are now being increased and are focusing on Designated Record Set compliance issues, and what you need to do to survive a HIPAA audit.

Jim will also cover:

  • HIPAA Privacy and Security Rules and Breach Notification Rule
  • A definition of PHI and the distinction between disclosure and use
  • What is included and NOT included in your DRS
  • HIPAA Right to Access and Denial of Access to PHI
  • Detail of the Access Process and Individual Preferences
  • New Guidance on PHI Access and §164.526
  • A detailed look at issues related to Patient Communications
  • Email and texting compliance and privacy issues
  • Secure Providers for HIPAA compliant texting
  • Detailed look at a HIPAA Breaches – Reportable, Breach Notification Deadlines etc.

Who should attend?

  • Compliance Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Medical Office Manager
  • Medical Practice Lawyer
  • CFO
  • CEO
  • COO
  • Privacy Officer
  • Information Security Officer.

Ask a question at the Q&A session following the live event and get advice unique to your situation, directly from our expert speaker.

Order Below or Call 1-844-384-4744 Today

We Also Recommend
Order Form

(Select the format below)

Choose Quantity:

(*) Single User Price

You can also order through:




About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...   More Info
More Events By The Speaker

Why ProfEdOnDemand?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.
Join Our Mailing List