Oregon Health & Science University fined $200,000 for Failure to Provide Timely Access to Patient Records
Today, the U.S. Department of Health and Human Services (HHS), Office for Civil Rights (OCR), announced a $200,000 civil monetary penalty against Oregon Health & Science University (OHSU), a public academic health center and research university, for failing to comply with an individual’s right to timely access her medical records through a personal representative. Under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule’s "Right of Access" provisions, individuals or their personal representatives are entitled to timely access to their health information. Covered entities, such as health plans and most healthcare providers, must provide requested records within 30 [...]