HIPAA Privacy Regulations under Designated Record Set (DRS)

Event Information
Product Format
Prerecorded Event
Conference Date
Tue, Nov 03, 2015
60 minutes
Product Description

HIPAA Designated Record Set (DRS) to Meet Patient Rights Requirements & Satisfy HHS OCR Investigators

Several of the patient rights under HIPAA depend on your understanding of what constitutes records in the HIPAA Designated Record Set. Patients are only allowed to request access or amendment of information in your official Designated Record Set (DRS), but recent enforcement and audit activity indicates that not all HIPAA Covered Entities understand what constitutes records in the DRS, and do not always meet patient rights requirements that depend in an accurate understanding of the DRS.

The Designated Record Set is not a new concept in HIPAA, but it is newly important, as patients now have greater access to their information and are more able to view it and ask for corrections when they see errors. Issues relating to the DRS have been identified by HHS Office for Civil Rights officials as some of the most frequently reported HIPAA compliance issues, pertaining to proper provision of access and amendment rights, and having a clear understanding of exactly what records are considered to be within the organization’s Designated Record Set. Enforcement and Audit activity is expected to focus on DRS-related issues of access and amendment, and having your DRS clearly defined and understood is essential to meet patient rights and satisfying HHS OCR investigators.

In this session, expert speaker Jim Sheldon-Dean will show why the Designated Record Set must be defined, and its significance to HIPAA rights for individuals. Jim will show how defining the DRS fits into other HIPAA Privacy and Security activities—and how ignoring the process of defining your DRS was the top privacy issue discovered in the 2012 HIPAA Audits. You will understand how not providing for the exercise of patient rights can lead to fines of more than a million dollars in enforcement actions.

Session highlights:

  • Learn what the definition of the HIPAA Designated Record Set is and why it is important.
  • Learn how to go about defining your Designated Record Set.
  • Learn about how to leverage HIPAA Security Rule compliance activities to help in the definition of your Designated Record Set.
  • Find out about sometimes forgotten data that belongs in the DRS at your organization.
  • Find out what the HIPAA Privacy regulations require for documenting the DRS.
  • Discover the processes you must have in place for the proper approval and denial of access of records by individuals as appropriate, including processes for the review of certain denials of access.
  • Find out about HIPAA requirements for handling requests to amend records, as well as the requirements to protect all PHI, including that in the Designated Record Set.
  • Learn about how the HIPAA audit and enforcement activities are now being increased and are focusing on Designated Record Set compliance issues, and what you need to do to survive a HIPAA audit.

Jim will also cover:

  • HIPAA Privacy and Security Rules and Breach Notification Rule
  • A definition of PHI and the distinction between disclosure and use
  • What is included and NOT included in your DRS
  • HIPAA Right to Access and Denial of Access to PHI
  • Detail of the Access Process and Individual Preferences
  • New Guidance on PHI Access and §164.526
  • A detailed look at issues related to Patient Communications
  • Email and texting compliance and privacy issues
  • Secure Providers for HIPAA compliant texting
  • Detailed look at a HIPAA Breaches – Reportable, Breach Notification Deadlines etc.

Who should attend?

  • Compliance Manager
  • HIPAA Officer
  • Chief Information Officer
  • Health Information Manager
  • Medical Office Manager
  • Medical Practice Lawyer
  • CFO
  • CEO
  • COO
  • Privacy Officer
  • Information Security Officer.

Ask a question at the Q&A session following the live event and get advice unique to your situation, directly from our expert speaker.

Order Below or Call 1-866-458-2965 Today

You can also order through:




About Our Speaker

Jim Sheldon Dean - HIPAA Compliance & Regulations Expert

Jim Sheldon-Dean is a healthcare compliance and HIPAA expert in the areas of privacy and security regulatory compliance and business process analysis. He is the founder and director of compliance services at Lewis Creek Systems, LLC, a Vermont-based consulting firm founded in 1982, providing information privacy and security regulatory compliance services to a wide variety of healthcare entities. Jim is a frequent speaker regarding HIPAA...   More Info
More Events By The Speaker

Why AudioEducator?
  • Save money on travel.
  • Meet your specific training needs.
  • Keep learning after the event.
  • Save time training your whole staff.
Join Our Mailing List
Our Accreditation Partners
Facebook Twitter Linkedin Youtube RSS Feeds Google Plus
Audio Educator


Dear Valued Customers


We regret to announce that ProEdTech LLC and all its affiliate brands will cease operations on April 1, 2019.


We are no longer able to fulfill online orders. We will fullfill all DVD and book orders already placed.


Customers of canceled webinars and subscription products may request a refund at (800) 223-8720 or service@proedtech.com. You must do so by April 1, 2019.


Thank you for your business and loyalty over the years. We sincerely apologize for any inconvenience caused.


Best regards,

The ProEdTech Team