Several of the patient rights under HIPAA depend on your understanding of what constitutes records in the HIPAA Designated Record Set. Patients are only allowed to request access or amendment of information in your official Designated Record Set (DRS), but recent enforcement and audit activity indicates that not all HIPAA Covered Entities understand what constitutes records in the DRS, and do not always meet patient rights requirements that depend in an accurate understanding of the DRS.
The Designated Record Set is not a new concept in HIPAA, but it is newly important, as patients now have greater access to their information and are more able to view it and ask for corrections when they see errors. Issues relating to the DRS have been identified by HHS Office for Civil Rights officials as some of the most frequently reported HIPAA compliance issues, pertaining to proper provision of access and amendment rights, and having a clear understanding of exactly what records are considered to be within the organization’s Designated Record Set. Enforcement and Audit activity is expected to focus on DRS-related issues of access and amendment, and having your DRS clearly defined and understood is essential to meet patient rights and satisfying HHS OCR investigators.
In this session, expert speaker Jim Sheldon-Dean will show why the Designated Record Set must be defined, and its significance to HIPAA rights for individuals. Jim will show how defining the DRS fits into other HIPAA Privacy and Security activities—and how ignoring the process of defining your DRS was the top privacy issue discovered in the 2012 HIPAA Audits. You will understand how not providing for the exercise of patient rights can lead to fines of more than a million dollars in enforcement actions.
Jim will also cover:
Who should attend?
Ask a question at the Q&A session following the live event and get advice unique to your situation, directly from our expert speaker.
- Jim Sheldon-Dean
Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...
More Events By The Speaker