On January 23, 2020, the D.C. District Court narrowed an individual\u2019s right to request that HIPAA covered entities furnish the individual\u2019s own protected health information (\u201cPHI\u201d) to a third party at the individuals\u2019 request, and removed the cap on the fee covered entities may charge to transmit that PHI to a third party.<\/p>\n
Specifically the Court stated that individuals may only direct PHI in an electronic format to such third parties, and that HIPAA covered entities, and their business associates, are not subject to reasonable, and cost-based fees for PHI directed to third parties.<\/p>\n
The HIPAA Privacy Rule grants individuals with rights to access their PHI in a designated record set, and it specifies the data formats and permissible fees that HIPAA covered entities (and their business associates) may charge for such production. See 45 C.F.R. \u00a7 164.524. When individuals request copies of their own PHI, the Privacy Rule permits a HIPAA covered entity (or its business associate) to charge a reasonable, cost-based fee, that excludes, for example, search and retrieval costs. See 45 C.F.R. \u00a7 164.524(c) (4). But, when an individual requests his or her own PHI to be sent to a third party, both the required format of that data (electronic or otherwise) and the fees that a covered entity may charge for that service have been the subject of additional OCR guidance over the years\u2014guidance that the D.C. District Court has now, in part, vacated.<\/p>\n
[\u2026]<\/p>\n
Click here to view full original article at www.natlawreview.com<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" On January 23, 2020, the D.C. District Court narrowed an individual\u2019s right to request that HIPAA covered entities furnish the individual\u2019s own protected health information (\u201cPHI\u201d) to a third party at the individuals\u2019 request, and removed the cap on the fee covered entities may charge to transmit that PHI to a third party.<\/p>\n Specifically the Court stated that individuals may only direct PHI in an electronic format to such third parties, and that HIPAA covered entities, and their business associates, are not subject to reasonable, and cost-based fees for PHI directed to third parties.… Read More <\/a><\/p>","protected":false},"author":1,"featured_media":146,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[3,18,10],"tags":[17,20,19,13],"_links":{"self":[{"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/posts\/68"}],"collection":[{"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/comments?post=68"}],"version-history":[{"count":0,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/posts\/68\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/media\/146"}],"wp:attachment":[{"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/media?parent=68"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/categories?post=68"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/apexcompliance.net\/wp-json\/wp\/v2\/tags?post=68"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}