OCR meant what it said in February of this year about patients’ right of access to their medical records. The HIPAA Privacy and Security Rule enforcer issued its first enforcement action under its “Right of Access Initiative” in September.
In an interview with Briefings on HIPAA, Tim Noonan, deputy director for the Division of Health Information Privacy at OCR, discussed cybersecurity and trends in reports of unsecured PHI to OCR. This article includes the highlights.
