In addition, new HIPAA privacy and security rules that are part of the Health Information Technology for Economic and Clinical Health Act (HITECH) require them to provide patients with the separate right to an "accounting of disclosures" that "would provide additional information about the disclosure of designated record set
information, whether hard-copy or electronic, to persons outside the covered entity and its business associates for certain purposes (e.g., law enforcement, judicial hearings, public health investigations)." (2)
This report would include information on a covered entity's workforce members who have accessed information and would apply to information in an electronic designated record set
, not only information in an electronic health record, as required by HITECH.
was considered designated record set
. Again, that has not changed.
The medical record or designated record set
should be amended within 30-90 days of the discovery of the error (Torrey, 2009).
Again, the legal health record is a subset of the information generated in the course of care, as specified by the facility's designated record set
. It does not contain, for example, responses to clinical prompts issued in entering an order.
Under the Privacy Rule, individuals have the right to inspect or copy their PHI contained in a "designated record set
" for as long as the PHI is maintained in that set.