Skip to main content
MRO’s Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB, shares her privacy and security visions for 2019 and offers strategies for navigating compliance in the coming year.

We are highlighting privacy and security trends and predictions to help Health Information Management (HIM) and other healthcare leaders navigate compliance in the coming year.

Patient-Directed Requests
Attorney misinterpretation of patient-directed requests (PDRs) was front and center in 2018 and will continue to require clarification and guidance in 2019. When the validity of a PDR is questionable, the patient should be contacted to clarify and confirm consent. Here are additional strategies for handling attorney requests submitted under the guise of a PDR:

  • Inform your state legislators of this questionable attorney behavior
  • Discuss the issue with HIM peers in your area
  • Hold meetings with your OCR representative to determine the best course of action
  • Question and verify (with the patient) any suspicious PDR

We welcome a dialogue with the Office for Civil Rights (OCR) for clarification of the guidance to ensure requests are made for the purpose of assisting the patient with continuity of care—the original intent of the guidance. At MRO, we use the criteria provided by the guidance. The request must be made by the patient, written in the first person and signed by the patient. It must clearly state who is to receive the information and provide the address of that person.

Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB

Rita Bowen, MA, RHIA, CHPS, CHPC, SSGB

Bowen is an established author and speaker on healthcare privacy and security. She is an active member of the American Health Information Management Association (AHIMA), having served as its President and Board Chair, as a member of the Board of Directors and of the Council on Certification, and currently sits on the AHIMA Foundation Board of Directors. In her role at MRO, Bowen works with clients to ensure HIM policies and procedures are to code. Additionally, Bowen serves as the company’s Privacy and Compliance Officer (CPO).

More Posts