Interested in training for your team? Click here to learn more

HIPAA's Right of Access: Compliance Challenges, OCR Enforcement, and Best Practices

Recording of a 90-minute CLE video webinar with Q&A

This program is included with the Strafford CLE Pass. Click for more information.
This program is included with the Strafford All-Access Pass. Click for more information.

Conducted on Wednesday, June 22, 2022

Recorded event now available

or call 1-800-926-7926

This CLE course will guide healthcare counsel on HIPAA's right of access. The panel will discuss defining the designated record set and evaluate common scenarios in which liability may arise. The panel will also discuss the U.S. Department of Health and Human Services Office for Civil Rights (OCR's) right of access enforcement efforts. The panel will offer best practices for compliance.


In March 2022, OCR announced the resolution of three investigations related to HIPAA right of access compliance. The announcement, along with recent statements from the OCR director, emphasizes the ongoing focus by OCR on its Right of Access Initiative.

The HIPAA Privacy Rule generally requires HIPAA covered entities to provide individuals, upon request, with access to protected health information (PHI) about them maintained by/for the covered entity in "designated record sets." However, the HIPAA right of access may not apply to all PHI, as it is limited to information contained in the designated record set. Complying with the HIPAA access requirement, along with access requirements under other applicable laws, can be challenging for many entities.

Listen as our authoritative panel of healthcare attorneys examines HIPAA's right of access requirements. The panel will discuss compliance challenges and evaluate common scenarios that may give rise to liability. The panel will offer practical guidance for ensuring compliance with HIPAA's right of access requirements.



  1. HIPAA basics and the right of access
  2. HIPAA Right of Access Initiative
  3. Common scenarios in which liability may arise
  4. Intersection with the interoperability rule
  5. Applicable state law
  6. Record retention
  7. Best practices


The panel will review these and other relevant issues:

  • What compliance challenges are covered entities facing today with respect to the HIPAA right to access?
  • What steps should covered entities take to define designated record sets and otherwise ensure compliance with access requirements?
  • Under its Right of Access Initiative, what actions has OCR taken to enforce the requirements?


Sakowitz Klein, Jo-Ellyn
Jo-Ellyn Sakowitz Klein, CIPP/US

Senior Counsel
Akin Gump Strauss Hauer & Feld

Ms. Klein is a leading practitioner on privacy and data protection matters, with a special emphasis on the health and...  |  Read More

Montague, Valerie
Valerie Breslin Montague

Nixon Peabody

Ms. Montague represents a variety of health care providers, digital health companies, senior living facilities,...  |  Read More

Access Anytime, Anywhere

Strafford will process CLE credit for one person on each recording. All formats include course handouts.

To find out which recorded format will provide the best CLE option, select your state:

CLE On-Demand Video