In response to the urgent need to address COVID-19, the Centers for Medicare and Medicaid Services (CMS) has introduced multiple policies to allow providers the flexibility to focus attention on care delivery.

One such type of flexibility is the 1335 waiver, which allows CMS to waive sanctions and penalties against a covered hospital for certain actions. As part of this action, CMS announced it is waiving a Condition of Participation related to Patient Rights for hospitals that are considered to be impacted by a widespread outbreak of COVID-19. Specifically, that “the patient has the right to access information contained in his or her clinical records within a reasonable time frame…”

While there may be waivers of sanctions for certain actions, it’s important to understand that the HIPAA Privacy Rule, the HIPAA Security Rule, and the confidentiality provisions of the Patient Safety Rule are still in effect.

Compliance is always a critical component of medical record release, but the importance of a best-in-class compliance program is highlighted in environments like the COVID-19 pandemic when providers are faced with rapidly changing regulatory policies.

Ciox fulfills over 100 million record requests each year and we have taken what we have learned to develop a framework for a best-in-class compliance program. Learn more about the 5T’s of Compliance in this article featured in the Journal of AHIMA.

Compliance will remain a critical challenge for HIM and complexity is only increasing as expectations for HIM and interest in health information intensifies. Establishing a compliance program framework with these five components will help providers deliver excellence in health information management.

 

More insights on privacy and compliance

X