Skip to Content

Security of Health Information in Pennsylvania

< Return to Security of Health Information

        In Pennsylvania, different types of medical facilities have special requirements for maintaining the security of patient medical records.  For most facilities, including hospitals1, ambulatory surgical facilities2, birthing centers3, and home health care centers4, Pennsylvania requires simply that medical records be stored in an area that will protect against loss, damage and unauthorized access. For adult daily living centers, the state requires that all client records be kept locked when unattended.5

        Under certain circumstances, entities around the state can gain access to medical record data housed by the health care cost containment council through the Right-to-Know-Law.  The council can provide access to special reports derived from raw data to entities that purchase health benefits for their employees, collective bargaining representatives of those employees, and any other entities it deems appropriate.6

 

Footnotes

  • 1. 28 Pa. Code § 115.22 (2012)
  • 2. 28 Pa. Code § 563.5 (2012)
  • 3. 28 Pa. Code § 501.62 (2012)
  • 4. 28 Pa. Code § 601.36 (2012)
  • 5. 6 Pa. Code § 11.197 (2012)
  • 6. 35 Pa. Stat. Ann. § 449.10 (West 2012)

 

Security of Health Information in Pennsylvania

Subtopic Statute/Regulation Description
Storage of health information in a secure location (Cross reference Medical Record Collection) 28 Pa. Code § 115.22, Storage of medical records Requires health care facilities to store records in a manner that shields them from unauthorized access, damage, or loss.  
Security of Health Information 28 Pa. Code § 115.34, Medical records review Requires health care facilities to periodically conduct medical records review.  
28 Pa. Code § 563.6, Preservation of medical records Requires ambulatory surgical facilities to maintain a patient’s medical record for at least seven years following the patient’s date of...
Access - 6 Pa. Code § 11.197 Clients of older adult daily living centers will have access to their own records and the information contained therein, unless, in the opinion of...
Clinical records - 28 Pa. Code § 601.36 Providers of home health care services must maintain a clinical record containing pertinent past and current findings for every patient receiving...
Confidentiality of medical records - 28 Pa. Code § 115.27 Medical record confidentiality
Confidentiality of medical records - 28 Pa. Code § 563.9 Records should be confidential
Contents - 28 Pa. Code § 115.32 Medical record contents
Form and content of record - 28 Pa. Code § 563.12 Ambulatory surgical facilities must maintain a separate medical record for each patient that includes the following information:1   ...
Health record transfer, retention and confidentiality - 28 Pa. Code § 501.62 Birth centers must comply with the following requirements pertaining to patient medical records: If a patient is transferred or referred to...
Ownership - 28 Pa. Code § 563.10 Ambulatory surgical facilities must maintain a separate medical record for each patient that includes the following information: 28 Pa. Code Chapter...
Patient medical records - 28 Pa. Code § 115.31 All hospitals must maintain patient records in accordance with the following provisions:         A medical...
Preservation of medical records - 28 Pa. Code § 115.23 Preservation of medical records
Right-to-Know Law and access to council data - 35 Pa. Stat. Ann. § 449.10 The Right-to-Know law enables the health care cost containment council to make determinations on requests for its information and data in favor of...
Click on the individual state law in the table above to see our summary of the individual law.


Welcome to Health Information & the Law

Please provide the following information and continue to the site.

by Dr. Radut.