AskTMA

Legally Speaking: Addressing Issues That Affect Your Practice

About TMA Contact Us Become A Member

Legal Issues of Outsourcing Medical Records Requests

Written by Ashley Robertson

If your office is thinking about engaging a third party medical records management firm to handle requests for access and store your data—or if you have already done so—you undoubtedly know that you need a business associate agreement in order to comply with HIPAA. This business associate agreement will require the medical records company to provide “satisfactory assurances” that it will, among other things, “help the covered entity comply with some of the covered entity’s duties under the Privacy Rule.”

You’ll also want to make sure that your contract with any such company requires it to comply with Tennessee state law with regard to limitations on medical records copying fees that can be charged to those requesting medical records.

AskTMA!

My blog All of Tumblr

Share this blog

Follow Us!

Tennessee Medicine

"AskTMA" is the online extension of our popular, long-running "AskTMA" legal column in Tennessee Medicine, the journal of the Tennessee Medical Association.

Check our legal column out in our next issue!

Follow on Tumblr

Following

RSS feed

Random

Disclaimer

Due to its tax-exempt status, the TMA cannot provide legal advice or representation to individual members