Monthly Archives: February 2018

February 22, 2018

Mandatory Flu Vaccines Land Healthcare Facility In Court

By Bradley Cave

After rescinding a job offer to an applicant, a Michigan healthcare provider finds itself in federal court defending a religious accommodation claim. If your organization requires employees to get flu vaccines, your policy should address how to handle religious objections. Here are details from the complaint that resulted in this recent discrimination lawsuit and steps you should take when facing similar circumstances.

Prospective Employee Suggests Reasonable Accommodation to Flu Shot

According to the complaint filed by the Equal Employment Opportunity Commission (EEOC), Yvonne Bair applied for a medical transcriptionist position in early 2016 with Memorial Healthcare, a non-profit corporation located in Owosso, Michigan. The transcription position would involve working from home, but also required two months of training at Memorial Healthcare’s hospital in Owosso at the start of employment. Continue reading

February 20, 2018

Producing Patient Records: The “Designated Record Set,” the “Legal Health Record,” and Records Created by Other Providers

Healthcare providers often misunderstand their obligation to provide patient records in response to a request from a patient or third party.

1. Patient Requests and the “Designated Record Set.” With very limited exceptions,[1] patients and their personal representatives generally have a right to access and/or require the disclosure of protected health information in the patient’s designated record set. (45 CFR § 164.524(a)). HIPAA defines “designated record set” as:

A group of records maintained by or for a covered entity that is:
(i) The medical records and billing records about individuals maintained by or for a covered health care provider; [or]
(iii) Used, in whole or in part, by or for the covered entity to make decisions about individuals.

(45 CFR § 164.501). As the OCR recently summarized:

The Privacy Rule generally requires HIPAA covered entities (health plans and most health care providers) to provide individuals, upon request, with access to the protected health information (PHI) about them in one or more “designated record sets” maintained by or for the covered entity. This includes the right to inspect or obtain a copy, or both, of the PHI, as well as to direct the covered entity to transmit a copy to a designated person or entity of the individual’s choice. Individuals have a right to access this PHI for as long as the information is maintained by a covered entity, or by a business associate on behalf of a covered entity, regardless of the date the information was created; whether the information is maintained in paper or electronic systems onsite, remotely, or is archived; or where the PHI originated (e.g., whether the covered entity, another provider, the patient, etc.).

Continue reading

February 6, 2018

IMGMA Q/A: Producing Records

By Kim Stanger

Ed. note: This article also appears in an issue of the Idaho MGMA monthly newsletter.

Question:  What is the difference between a “designated record set” and “legal health record,” and what must we provide when we receive a request for “records”?

Answer:  HIPAA defines “designated record set” as:

A group of records maintained by or for a covered entity that is:

(i)        The medical records and billing records about individuals maintained by or for a covered health care provider; [or]

(iii)      Used, in whole or in part, by or for the covered entity to make decisions about individuals.

(45 CFR 164.501).  With very limited exceptions, patients and their personal representatives generally have a right to access protected health information in their designated record set.  (45 CFR 164.524).  As the OCR recently summarized: Continue reading