Renown Health Pays $75,000 to Settle Right-of-Access Violation Under HIPAA
Renown Health, P.C. (Renown), a non-profit health system in Nevada, settled with the U.S. Office for Civil Rights (OCR) at the U.S. Department of Health and Human Services in a matter resulting from an enforcement action for a potential violation of patients’ access rights under the OCR’s Health Insurance Portability and Accountability Act of 1996 (HIPAA) Right-of-Access Initiative. The Renown settlement is the 15th settlement under this initiative.
Renown paid $75,000 and agreed to:
- Develop and maintain written access policies and procedures to comply with HIPAA
- Distribute updated policies and procedures related to the right-of-access to all workforce members
- Train workforce members on the right-of-access
- Revise its Notice of Privacy Practices to reflect the steps that patients need to take to access their PHI (including billing records)
OCR alleged that Renown did not respond to a patient’s request that an electronic copy of her protected health information (PHI), including billing records, be sent to a third party in a timely manner under HIPAA. The OCR’s investigation determined that this failure to provide timely access was a potential violation of Renown’s obligations to the patient. As a result of the investigation, Renown also provided access to all the requested records.
Acting Director of OCR, Robinsue Frohboese, said “Access to one’s health records is an essential HIPAA right and health care providers have a legal obligation to their patients to provide access to their health information on a timely basis,” and OCR will certainly continue to enforce these types of violations throughout 2021. OCR announced this initiative in September 2019 seeking to support patients’ right to timely access to their PHI at a reasonable cost under HIPAA.
To view the corrective action plan that Renown has agreed to, click here.