The custodian of the legal health record is the health information manager in collaboration with information technology personnel.HIM professionals oversee the operational functions related to collecting, protecting, and archiving the legal health record, while information technology staff manage the technical infrastructure of the electronic health record." The health information custodian is the person who has been designated responsible for the care, custody, and control of the health record for such persons or institutions that prepare and maintain records of healthcare.If conflict exists, guidance should be sought from legal counsel for further clarification.
Verify compliance with pertinent state statutes prior to disclosing the requested information.
If state and federal laws have been satisfied, conduct the appropriate analysis to determine if a signed consent by the patient is required or if the request requires that protected health information be de-identified prior to disclosure.
State law should be evaluated to ensure that information is not required in a format other than paper.
If submission of the information is recommended or required in another format, confirm whether it is possible to meet these terms based on hospital policy and procedure.
The Rules of Evidence indicate that the author of the entry is the only one who has knowledge of the entry.
The Federal Regulations/Interpretive Guidelines for Hospitals (482.24(c )(1)(i)) require that there be a method for determining that the author did, in fact, authenticate the entry.
Generally, a statement and signature of the record custodian are sufficient; however, some states may require a witness or notary signature as well.
There are some simple steps you can take when responding to requests for EHRs for legal process: Having reviewed and established that the request is HIPAA compliant, determine if the information may be disclosed based on the context of the request received.
Appropriate safeguards must be in place if the transaction is covered by the security rule.
Unless otherwise directed, a response in a paper format as the certified copy is considered acceptable.
Electronic signature technology should provide verification of the identity of the author.