Amendments

Clarifications:

• There is no standard required for this certification criterion.
• This certification criterion’s focus is to support the instance where a HIPAA covered entity agrees or declines to accept a patient’s request for an amendment. [see also 77 FR 54174]
• Amendments are not specified to a particular format (e.g., free text or scanned). [see also 77 FR 54175]
• This certification criterion is meant to be a starting point from which more comprehensive capabilities and standards can be included to evolve over time, including greater standardization and automation. [see also 77 FR 54175]

Technical outcome – A user can select a patient’s record, and:

Clarifications:

1. For an accepted amendment, the health IT either appends the amendment to the patient’s record or includes a link to the amendment’s location;
2. For a denied amendment, the health IT appends the request and denial of the request either to the affected record or includes a link that indicates the location of this information.

Clarification:

• The link is an alternative to appending the patient’s record and must convey to a user or enable a user to obtain the information associated with an amendment’s acceptance or denial. [see also 77 FR 54175]
• ONC does not require that accepted or denied amendments be appended to specific data in order for compliance to be demonstrated. There is some flexibility with how accepted or denied amendments are appended to an individual’s protected health information, recognizing that the type and scope of an amendment will vary based on the circumstances. [see also 77 FR 54175]
  • For example, the affected record could include a link to documentation of an accepted or denied amendment, while still allowing, in the case of an accepted amendment, any necessary corrections to be incorporated directly into the record itself. [see also 77 FR 54175]