Requests to Amend a Medical or Dental Record

Carol Murray, RHIA, CPHRM, Senior Patient Safety Risk Manager, and Richard Cahill, JD, Vice President and Associate General Counsel, The Doctors Company

Under the HIPAA Privacy Rule, patients have the right to request amendments to their medical or dental records. Providers have the right to determine if the changes will be made. The record should contain both the patient’s request and the provider’s response. Consider the following scenarios and the guidelines and steps outlined below:

Scenario 1

During an executive physical examination, a provider asks the patient how many alcoholic drinks he has in a day. Because the patient does not drink every day, he responds that he has about five drinks each week. The provider incorrectly documents “ETOH: 5/day.” Subsequent healthcare providers who have received copies of the physical examination refer to the patient’s “daily” alcohol intake. The patient eventually identifies the source of the confusion and requests an amendment to the medical record.

Scenario 2

A patient returning for follow-up of back strain due to gardening now insists that the original injury occurred at work and wants the prior visit note changed.

Patient Requests

When you receive a patient request for any kind of amendment to a medical or dental record, these guidelines can help ensure clear documentation:

  • The patient’s request must be in writing and must be signed and dated. (Notify the patient that the request will become part of the permanent record.)
  • The request must be directed to the provider who originated the portion of the record the patient wants to amend.
  • The request must state which portion of the record the patient wants to amend and specify how it should be amended.
  • The patient’s request is then filed in the record with the pertinent entry.
  • The patient’s request for change and the provider’s written response become part of the permanent record.

Provider Response

A provider who agrees (or partially agrees) with the patient’s request should take the following steps:

  • Indicate on the patient’s record that “Per the patient’s request, the record is amended as follows,” and make any appropriate changes.
  • Prepare and send a written response to the patient within 60 days of receipt of the original request. Sign and date the response.
  • Place a copy of the patient’s request and the written response with the pertinent entry in the patient’s record.
  • Make a reasonable and timely effort to inform other individuals who received the original record and provide them with the amendment. This is especially important if relying on the original information could be detrimental to the patient.

A provider who denies a patient’s request should follow these steps:

  • Respond to the patient in writing within 60 days of receipt of the original request.
  • Use plain language (rather than technical medical terms) that the patient will understand.
  • Place the response in the patient’s permanent record with the request, and include the following information:
    • The reason for the denial.
    • A statement advising that the patient may submit a written reply disagreeing with the denial.
    • A statement telling the patient how to submit a reply to the provider or clinic.
    • A statement outlining that, regardless of whether the patient wishes to reply to the denial, copies of the original request and the provider’s denial will be included in responses to future inquiries regarding the patient’s medical information.
    • Notice to the patient regarding how to make a complaint to the provider or a HIPAA complaint to the Secretary of the U.S. Department of Health and Human Services, Office for Civil Rights either online or by telephone at (800) 368-1019.

The request to file an amendment may be facilitated by providing a form for the patient to complete. The form should include the required information relative to the patient’s request and fields to sign and date the request.

For additional assistance, contact the Department of Patient Safety and Risk Management at (800) 421-2368 or patientsafety@thedoctors.com.


Resources

45 CFR § 164.526, Amendment of protected health information.

U.S. Department of Health & Human Services, Summary of the HIPAA Privacy Rule


The guidelines suggested here are not rules, do not constitute legal advice, and do not ensure a successful outcome. The ultimate decision regarding the appropriateness of any treatment must be made by each healthcare provider considering the circumstances of the individual situation and in accordance with the laws of the jurisdiction in which the care is rendered.

J12955 07/21

Stay in the Know

Sign up for The Doctor’s Practice.

Our e-newsletter features timely articles, videos, and guides on a range of patient safety topics.

Subscribe