November 15, 2019

HIPAA Reminder

By msequeira

Under HIPAA, (Health Insurance Portability and Accountability Act of 1996), we must make a reasonable effort to limit the use or disclosure of Patient Health Information (PHI) to a minimum amount of information necessary to accomplish an appropriate business purpose only.

Employees may NOT access their own medical record or other patients’ medical records through the Electronic Health Record (EMR - this includes Cerner/Power Chart, Mosaiq, etc.), even if the employee has the right to the medical record by being a guardian, having Power of Attorney, or if the patient gives consent.

Employees can access records through the MyHealth Patient Portal or by contacting the Health Information Management Department (HIM).  

For additional information, please refer to HSC Policies “Right to Access of Protected Health Information by the Patient” or “Information Access and Security”.  

Tags: Notes