There's considerable confusion about what HIPAA means and what your obligations are under the regulations. I recently presented at a Midwest physician association conference. As is almost always the case, in the front row was an attendee just waiting for the Q&A session.
Hackers gained unauthorized access to the information technology system of Anthem, Inc., and exposed the PHI of more than 80 million people who are currently or were previously covered by the insurance provider. The attack also exposed the PHI of Anthem's employees, including President and Chief Executive Officer Joseph R. Swedish.
Q: I work in long-term care and I am familiar with the language in HIPAA regulations regarding requests for electronic copies of medical records for a reasonable fee according to community standards. However, my company does not maintain its medical records in electronic form, nor do we presently have the capability of converting our paper records into electronic format. Our state legislature addressed the issue of "reasonable charges and community standards" by state statute in 2006 by providing a formula for every medical provider to follow state-wide for copy charges regarding paper copies.
