Eleven more fines, are you next?
OCR recently announced that 11 more entities were fined for failing to provide timely access to patient records following a patient complaint. This list included mental health practitioners, dentists, and more. This announcement proves 3 things - organizations aren't getting the message, patients are aware of the requirement, and no medical practitioner is safe.
We've said this before and we'll repeat it - it's essential you have a multi-tiered process in place for handling patient records requests. If all emails go to a particular staff member, and they go on vacation, you better have those emails getting covered by another team member. You simply cannot afford to ignore or mishandle a records request from a patient. If you need guidance on setting up an effective procedure for your office, give us a call.
The second point to be aware of is patients are onto this requirement - and they're either genuinely or maliciously holding your feet to the fire. Your procedure has to account for the occasional patient who may have bad intentions in their interactions with your staff. This trend will continue - patients are demanding to take more control of their health information, so having a bullet-proof process in place is essential.
The rules are straightforward - you need to be able to provide your patients with copies of their medical records in the format they request them in and in a timely manner - HIPAA gives you 30 days, but the exact time varies by state.
Call us to ensure your RIsk Assessment is completed before the end of the year. Stay compliant, stay safe.