Reviews of user access logs are required by the HIPAA regulations to protect the privacy of patient information and to detect any unauthorized access, use, or disclosure. As previously communicated, FairWarning automates the audits and identifies potentially inappropriate access behavior. This tool allows us to proactively monitor our clinical systems such as UChart and Meditech that house patient information.
The following are examples of audits that are conducted:
- Users accessing medical records of family members such as spouses, children, parents, etc.
- Users accessing medical records of co-workers.
- Users accessing medical records of supervisors.
- Users accessing or printing abnormally large numbers of records over a period of time.
Always remember to ask yourself:
If the answer is NO to any of these questions, please contact your supervisor for further guidance.
If you need to obtain access to your own medical records, you can access that information through the MyUHealthChart patient portal or you can contact Health Information Integrity (Medical Records) to complete the request to obtain copies of your record.
If you need access to your adult family member’s information, an authorization will need to be completed by the patient to obtain access either to the patient portal or to request records from medical records.
For more information or questions, please contact the Office of HIPAA Privacy & Security.