- within Privacy, Insurance and Intellectual Property topic(s)
- with readers working within the Insurance and Utilities industries
On Dec. 3, the Department of Health and Human Services, Office for Civil Rights (HHS-OCR) announced its plan to make parental access rights to children's medical records under HIPAA an enforcement priority. As part of its announcement, HHS-OCR issued a Dear Colleague Letter in which it reminds HIPAA covered entities that the HIPAA Privacy Rule generally gives parents the right to access their minor child's medical records. HHS-OCR warns that denying a parent access may be a HIPAA violation.
In the letter, HHS-OCR explains that it has become aware that there may be instances in which parents of minor children are not receiving access to their children's medical records. The agency then outlines parents' rights as personal representatives under HIPAA and provides examples and links to additional materials to clarify when a personal representative may access medical records — particularly when a parent is seeking access to a child's records.
HHS-OCR urges covered entities and their business associates to review their policies and procedures and "proactively" make any necessary changes to ensure compliance with the HIPAA Privacy Rule. The agency also states that covered entities should ensure parent access to their minor children's medical records in electronic systems (such as a patient portal and electronic medical records system) is properly configured and maintained to provide parental access in compliance with the Privacy Rule.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
