Professional Documents
Culture Documents
The Privacy Rule generally requires HIPAA covered entities (health plans and most
health care providers) to provide individuals, upon request, with access to the protected
health information (PHI) about them in one or more “designated record sets” maintained
by or for the covered entity.
A Patient's Right to Amend PHI. The HIPAA privacy rule provides individuals with the right to
request an amendment of their PHI within the designated record set. [45 CFR §164.526 (a)(1)]
The rule specifies the processes covered entities must follow in responding to such a request.
A patient has the right to request an amendment to his or her medical record. A
physician has the right to determine if the change will be made. The medical
recordshould contain both the patient's request and the physician's response.
TO OUR PATIENTS: You have the right to request that we restrict our use anddisclosure of
your protected health information. This means you may ask us not touse or disclose any
part of your PHI for purposes of treatment, payment or health care operations.
The Privacy Rule provides six situations for when disclosure of protected health information is
allowed without authorization. The first five are: When a patientrequests to see his or her own
personal information: Patients may have access to their own medical record at any time.