Everyone has the right to information and that includes information about oneself. Patients are not exempted from this right. The Health Insurance Portability and Accountability Act (HIPAA) and its security and privacy rules take the right of a patient into consideration to ensure that patients are not just given proper information on their own health, but also given the right to determine what happens to their health information. The rules also seek to ensure that patients’ Protected Health Information (PHI) are not kept away from the patients or used without the patients’ permission. To this end the Health Insurance Portability and Accountability Act (HIPAA) under its Privacy Rule gives patients right to monitor or supervise the use and disclosure of their health information. Patients are given the right by the rules to have a copy of their Protected Health Information (PHI) in a particular record set that they choose.
The information in the record set should include information about the patient in the health care provider’s medical and billing records. Every request made by the patient to receive this record set must be granted by the Covered Entity (CE) or the Business Associate (BA) in not more than 30 days after the request has being made by the patient and received by the Covered Entity (CE) or Business Associates (BA). If the patient request that the information be made in hard copies and electronic copies, then it is the responsibility of the CE to deliver the information in the formats requested or the formats agreed by the patients and the CE. This will ensure understanding between the CE and the patient and will also mean compliance with the Health Insurance Portability and Accountability Act (HIPAA) by the CE. There are other rights that are stated under the meaningful use and these rights must be complied with by the CE.