Have you ever wanted to dig deep into all your Protected Health Information (PHI) and see what information the doctors have about you and your health? Feeling as though you should put yourself in the driver's seat of your own health and find ways to best monitor it?
By law, you have the right to access your PHI.
You should know that although the Health Insurance Portability and Accountability Act (HIPAA), serves to protect the privacy and security of individuals rights in regards to health information, the law also recognizes the importance of providing individuals with the ability to obtain a copy of their health information. With a few exceptions, the HIPAA Privacy Rule grants individuals with a legal right to receive copies of their own protected health information (PHI) upon request.
Examples of items containing your PHI (Protected Health Information)
You may be wondering what is included in your PHI, the answer to that is A LOT of things! This could include your medical records, billing records, test and laboratory results, medical images, clinical notes, and so much more. However, there are two categories that are excluded from the right of access, they are psychotherapy notes and gathered information in the expectancy of, or for use in, a civil and /or criminal proceeding.
How do you request your PHI?
This really depends on your doctors policies and procedures. Your doctors' practice or hospital or imaging center may provide you with a form to complete, or have you submit a form in writing, you may even be able to complete this process via email or secured web portal. Ask your doctor's office on how you may submit a request. The office is allowed to charge a nominal fee for providing you with these records.
The Privacy Rule does require your provider to take steps in order to verify your identity when requesting your PHI. However, it does not mandate any particular form of verification (eg, obtaining driver’s license, answering security questions, etc.), but rather leaves the discretion to the professional’s judgment in regards to your identity and obtaining your private health information. This should make it easier to obtain your records as opposed to creating any delays. In addition to that, you also have the ability to redirect your records to a different person or office. You may do so by putting it in writing, signing it, and designating who and where to send your PHI to.
Sharing PHI securely
The Privacy Rule in fact, requires practices to provide the documentation to you as requested in a secure manner. If you request a hard copy, your medical practice must provide you with a readable form. If you request your PHI electronically, the practice must find a way to share your records with you securely (eg, scanning original hard copy, sending email if file size permits, etc.).
To summarize, your practice must provide you with your requested PHI no later than 30 days from the date you requested your protected health information. If for whatever reason, there is a delay in acquiring your information, your doctors office may extend the time by an additional 30 days, but must provide you with a reason for the delay, and the date when you’re expected to receive requested documentation.
Now that you have all the information and tools needed to obtain your protected health information (PHI) through HIPAA, you can finally be in control of your well-being. Hop in the driver’s seat, add some gas, and give it a GO! Your PHI is waiting for you!