Facility Medical Records

Medical records contain much detailed information that is required by statute, regulation or JCAHO standards. For example, federal regulations mandate the use of a Resident Assessment Instrument (RAI) and Minimum Data Set (MDS) in federally certified nursing homes. Such records are technically the property of the facility. Historically, privacy protection of such records has been a state concern.

Federal concern over privacy protection arose in the context of concerns over the more widespread use of electronic records, which were specifically encouraged under the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA included provisions for administrative simplification and standards for health care electronic data exchange. In the context of wide variation across states in the scope and stringency of privacy protections and concerns about the security/privacy of electronic data in particular, HIPAA therefore also included a third major component to address health information security requirements, thereby establishing national standards that effectively set a national floor on privacy as it relates to medical records. The Duke Center for Health Policy has developed a draft working paper assessing the cost and benefits of medical records regulation in the U.S., including both HIPAA privacy rules and state privacy regulations.


  • Privacy Rule. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) Privacy Rule
  • Office for Civil Rights enforces the HIPAA Privacy Rule, which protects the privacy of individually identifiable health information, and the confidentiality provisions of the Patient Safety Rule, which protect identifiable information being used to analyze patient safety events and improve patient safety. This link summarizes the Privacy Rule’s protection of the privacy of individually identifiable health information, the rights granted to individuals, OCR’s enforcement activities, and how to file a complaint with OCR.

One Response to “Facility Medical Records”

  1. Dr. Lawrence Kindo Says:

    Privacy protection for a patient is a basic right. We as healthcare professionals ought to respect that right. However, with the rise in electronic records, the tendency to look at records as inanimate not considering them sensitive information for the patients is harming the credibility of health institutions. I think it a positive move on the part of the government considering establishing such regulations to prevent any misuse.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: