Banner

Disposing of medical records

Article

Under HIPAA, who bears the responsibility (including cost) for discarding old patient records that contain protected health information-the employed physician or the practice he works for?

Q: Under HIPAA, who bears the responsibility (including cost) for discarding old patient records that contain protected health information—the employed physician or the practice he works for?

A: Typically, the practice, since it has the duty to retain the records in the first place. But check your state's law to determine how long they must be retained. In New York, for instance, physicians must maintain patient records for at least six years or, in the case of a minor, for at least one year after the patient turns 18; anyone who doesn't may face professional misconduct charges. Also at issue is how one discards records containing protected healthcare information. Under HIPAA, anyone disposing of records must do so in a way that minimizes the risk of exposure to unauthorized users - through shredding, for example.

Related Videos
Robert E. Oshel, PhD
Robert E. Oshel, PhD
Robert E. Oshel, PhD
Gary Price, MD, MBA
Gary Price, MD, MBA
Gary Price, MD, MBA
Gary Price, MD, MBA
Gary Price, MD, MBA
Gary Price, MD, MBA
Gary Price, MD, MBA
© 2023 MJH Life Sciences

All rights reserved.