Congratulations to tw-Security—2024 Best in KLAS® Security & Privacy Services!

We're #1! Thank you to all our partners and customers!

Lawsuit: Hospitals Lied About Providing Quick Records Access

Complaint Alleges Dozens of Hospitals Falsely Attested to Meeting HITECH Act Requirements
Two Indiana attorneys, frustrated by delays in obtaining patient records on behalf of clients, have filed a lawsuit against 60 hospitals in the state seeking more than $1 billion in damages. The suit alleges the hospitals that received HITECH Act electronic health record incentive payments failed to live up to the program’s initial requirements for providing prompt access to records.

… HITECH Act requirements for hospitals in Stage 1 of the incentive program, which lasted three years, were measured by more than 50 percent of all patients receiving a copy of their information within three business days. Later, HHS replaced this objective with one requiring that patients could view, download and transmit health information online within 36 hours of hospital discharge, …

“This is how patient portals are used to great effect for accomplishing this,” says Joe Gillespie, senior privacy and security consultant at consultancy tw-Security.
“A healthcare entity may deny a patient’s request for records because the patient has not paid for healthcare services rendered. This is not allowed under the law,” Gillespie says. In addition, “the healthcare entity may charge unreasonably high fees for fulfilling requests. HIPAA allows only “reasonable, cost-based fees” and provides some clarity on how those are to be determined. Many states have now enacted fee schedules that lock down what the entities may charge,” Gillespie notes.


For more information or to schedule a FREE initial consultation – contact tw-Security.
Read More