Under the Privacy Rule, HIPAA covered entities (health care providers and health plans) are required to provide individuals, upon request, with access to their protected health information (PHI) in one or more “designated record sets” maintained by or for the covered entity.
Covered entities are also required to protect the individual’s PHI from unauthorized disclosure. How must a covered entity
Continue Reading The Individual’s Rights Under HIPAA to Access their Health Information- Verifying the Identity of the Person Requesting PHI