HIPAA Right of Access

Two HIPAA Right of Access Violation Settlements Announced


February 23, 2021 | Reading Time: 2 Minutes

Please support Telehealth.org’s ability to deliver helpful news, opinions, and analyses by turning off your ad blocker. How

The Department of Health and Human Services (HHS) Office for Civil Rights (OCR) continues its HIPAA right of access violation enforcement initiative, announcing two HIPAA right-of-access violation settlements within two days of each other. More details on the violation settlements are discussed.

Renown Health $75,000 HIPAA Right-of-Access Violation Settlement

On February 10, 2021, HHS’ OCR announced its fifteenth right-of-access violation settlement with Renown Health. OCR launched an investigation into Renown after a patient report a HIPAA violation complaint in February 2019 alleging that the healthcare provider failed to respond to a patient’s request for medical records. The investigation determined that Renown potentially violated the HIPAA right-of-access standard. To settle the matter, Renown agreed to pay a $75,000 fine, implement a corrective action plan, and be subjected to two years of OCR monitoring.

The provisions of the corrective action plan require Renown to revise policies and procedures to reflect Renown’s obligation to comply with the right-of-access standard. This includes outlining access protocols, and training staff on how to comply with records requests.

Sharp HealthCare $70,000 Violation Settlement

On February 12, 2021, HHS’ OCR announced its sixteenth HIPAA right-of-access violation settlement with Sharp HealthCare. HHS’ OCR receives a HIPAA violation reporting in June 2019 from a patient’s personal representative that Sharp failed to provide the patient with requested records, HHS’ OCR launched an investigation. The investigation concluded within two weeks of the complaint, and OCR provided Sharp with technical assistance so that they may comply with the records request. However, OCR received a second complaint after Sharp failed to provide the records until October 2019, well past the 30-day allowance for compliance. As a result, Sharp agreed to pay a $70,000 fine, implement a corrective action plan, and be subjected to two years of OCR monitoring. 

The provisions of the corrective action plan require Sharp to develop policies and procedures in relation to complying with the HIPAA right-of-access standard. As part of this requirement, Sharp must include an accurate definition of a Designated Record Set, and train staff members on fulfilling access requests.

Essential Telehealth Law & Ethical Issues

Bring your telehealth practice into legal compliance. Get up to date on inter-jurisdictional practice, privacy, HIPAA, referrals, risk management, duty to warn, the duty to report, termination, and much more!

Disclaimer: Telehealth.org offers information as educational material designed to inform you of issues, products, or services potentially of interest. We cannot and do not accept liability for your decisions regarding any information offered. Please conduct your due diligence before taking action. Also, the views and opinions expressed are not intended to malign any organization, company, or individual. Product names, logos, brands, and other trademarks or images are the property of their respective trademark holders. There is no affiliation, sponsorship, or partnership suggested by using these brands unless contained in an ad. Some of Telehealth.org’s blog content is generated with the assistance of ChatGPT. We do not and cannot offer legal, ethical, billing technical, medical, or therapeutic advice. Use of this site constitutes your agreement to Telehealth.org Privacy Policy and Terms and Conditions.

Please share your thoughts in the comment box below.

Notify of
Inline Feedbacks
View all comments

Register for Free

Receive Any of Our 57 FREE Newsletters!


Most Popular Blog Topics

You May Also Like…

ChatGPT HIPAA Considerations
ChatGPT HIPAA Considerations

ChatGPT HIPAA compliance is one of the hottest topics at 2023 conferences and with good reason. AI...