Amendment of Protected Health Information, v1.0

Specifies that a covered entity must have policies and procedures to permit an individual to request that a covered entity amend, in a timely manner, protected health information or a record about the individual, subject to certain restrictions and limitations.
An indivdual's rights to amend his/her PHI must be permited by an organization's policies and procedures, subject to certain conditions and restrictions, as described in the referenced citation.
Due to the complexity of the rule as originally written, the assessor must use the full text of the citation section to perform this assessment.

Assessment Step

1
Individual Right to Amend PHI (IndividualRighttoAmendPHI)
Does the covered entity have policies and procedures to permit an individual to request that a covered entity amend, in a timely manner, protected health information or a record about the individual in a designated record set, subject to certain restrictions and limitations, and inform the individual that the amendment request is denied or accepted and possibly notify other holders of the PHI, as outlined in the referenced citation?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.

Conformance Criteria (1)

Right to Amend PHI
The covered entity must have policies and procedures to permit an individual to request that a covered entity amend, in a timely manner, protected health information or a record about the individual in a designated record set, subject to certain restrictions and limitations, and inform the individual that the amendment request is denied or accepted and possibly notify other holders of the PHI, as outlined in the referenced citation.
Citation
HIPAA-Privacy-Rule
45 CFR Section 164.526