ROWAN UNIVERSITY POLICY
Title: Requests for Amendment of Protected Health Information
Subject: Office of Compliance & Corporate Integrity (OCCI)
Policy No: OCCI: 2013: P05
Issuing Authority: RowanSOM Chief Compliance & Privacy Officer & RowanSOM Security Officer
Responsible Authority: RowanSOM Compliance & Privacy Officer & Rowan Security Officer
To establish guidelines for assuring that all Rowan University School of Medicine (SOM) units that create designated record sets containing Protected Health Information (PHI) have a process to respond to patient’s requests for amendments of their individual health information.
Under the direction of the President, Senior Vice President for Health Sciences, Dean, Associate Deans, Executive Director, Chief Compliance Officer, and Vice President for Research shall ensure compliance with this policy.
This policy shall apply to health information that is generated during provisions of health care to patients in any of the University’s patient care units, patient care centers or faculty practices as well as Human Subjects research under the auspices of the University or by any of its agents in all RowanSOM departments and University owned or operated facilities.
“Protected Health Information (PHI)” - Protected health information means individually identifiable health information that relates to the past, present or future physical or mental health or condition of an individual, the provision of health care to an individual or the past, present or future payment for the provision of health care to an individual and identifies or could reasonably be used to identify the individual. The PHI of an individual, who has been deceased for more than 50 years, will not be protected [164.502(f)].
- Except as provided in paragraph two (2) of this definition that is: a) transmitted by electronic media; b) maintained in electronic media; or c) transmitted or maintained in any other form or medium
- Protected health information excludes individually identifiable health information in: a) Education records covered by the Family Educational Rights and Privacy Act, as amended, 20 U.S.C. 1232g; b) Records described at 20 U.S.C. 1232g(a)(4)(B)(iv); and c) Employment records held by a covered entity in its role as employer.
- Designated record set- Medical or billing records about individuals maintained by or for a healthcare provider; the enrollment, payment, claims adjudication, and case or medical management record systems maintained by or for a health plan; or records used in whole or in part by or for the provider to make decisions about individuals
A. 45 CFR 164.526, Code of Federal Regulations Title 45, Section 164, Part 526, Security and Privacy, Amendment of Protected Health Information [i]
B. Uses and Disclosures of Health Information With and Without an Authorization [ii]
C. Standards for Privacy of Individually Identifiable Health Information Policy [iii]
D. Access of Individuals to Protected Health Information Policy [iv]
A. All RowanSOM units must maintain a process to enable its patients to request an amendment of their individual health information held by the unit. Such requests must be made in writing and include a reason supporting the amendment.
Signature on file
Rowan Security Officer
[i] 45 CFR 164.526, Code of Federal Regulations Title 45, Section 164, Part 526, Security and Privacy, Amendment of Protected Health Information.
[ii] Uses and Disclosures of Health Information With and Without an Authorization
[iii] Standards for Privacy of Individually Identifiable Health Information Policy
[iv] Access of Individuals to Protected Health Information Policy