(Insert Facility Name)

Information Confidentiality and Security Agreements

Reviewable Denial of Access to Requested Patient Information

Patient/Resident Name:

Social Security Number:

Date of Birth:

Patient/Resident Medical Record Number:

Dear (Patient/Resident):

At (your facility) each patient/resident is provided the right to request to inspect and/or obtain a paper copy of his or her protected health information. Each request is reviewed subject to the limitations outlined in HIPAA Federal Standards for Privacy of Individually Identifiable Health Information (45 CFR Parts 160 and 164).

The Privacy Standard outlines the following circumstances in which the facility may deny access. Your request has been denied (either in full or in part) due to the following (circle one):

  1. A licensed health care professional has determined, in the exercise of professional judgment, that the requested access is reasonably likely to endanger the life or physical safety of the individual or another person;
  2. The protected health information makes reference to another person (unless such other person is a health care provider) and a licensed health care professional has determined, in the exercise of professional judgment, that the requested access is reasonably likely to cause substantial harm to such other person; or
  3. The request for access is made by the individual’s personal representative, and a licensed health care professional has determined, in the exercise of professional judgment, that the provision of access to such personal representative is reasonably likely to cause substantial harm to the individual or another person.

You may request a review of this denial by contacting the Privacy Officer. The request must be made in writing.

Please contact me with any questions or concerns you might have.

<Signature of Privacy Officer>

Privacy Officer

Phone: (xxx)

Address: <insert address here>

cc: (Attending physician)

Reviewed: (Insert date)

Revised: (Insert date)

Departments Affected: (all) or (HIM, Business Office, Admitting)

NOTE: This document was developed by Eide Bailly LLP relating to the obligations imposed by the
Health Insurance Portability and Accountability Act (HIPAA). Eide Bailly LLP provides no guarantee or warranty of any kind. This document should be modified depending on the particular health care setting.

Page 1 of 1