The Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule gives you, with few exceptions, the right to inspect, review, and receive a copy of your medical records and billing records that are held by health plans and health care providers covered by the Privacy Rule. If you want a copy, you may need to pay for copies and mailing. If you request an electronic copy of protected health information, a covered entity is required to provide you with such electronic copy to the extent it is readily producible. In most cases, you should get your copies within 30 days.

A provider cannot deny you a copy of your records because you have not paid for the health services you have received. If you believe that your doctor or other health care provider violated your health information privacy right by not giving you access to your medical record, you may file a HIPAA Privacy Rule Complaint with the U.S. Department of Health and Human Services (HHS) Office for Civil Rights. The easiest way to file a complaint is to go through the HHS Office for Civil Rights. If you have questions about privacy, security, or HIPAA, visit the Department of Health and Human Services Office for Civil Rights (OCR) privacy website . You can also search OCR’s HIPAA FAQ database.

For more information about your right to access your records, visit the HHS Office for Civil Rights.