Journal of AHIMA - February 2011

sources, medium, and location of the individually identifiable data that it includes (i.e., the data collected and directly used in documenting healthcare or health status).† The documentation that comprises the legal health record may physically exist in separate and multiple paper-based or electronic systems.

The legal health record serves to:
x Support the decisions made in a patient’s care
x Support the revenue sought from third-party payers
x Document the services provided as legal testimony regard-
ing the patient’s illness or injury, response to treatment,
and caregiver decisions
x Serve as the organization’s business and legal record
The legal health record is typically used when responding
to formal requests for information for evidentiary purposes. It
does not affect the discoverability of other information held by
the organization.

Designated Record Set Definition and Role

The HIPAA privacy rule defines the designated record set as a group of records maintained by or for a covered entity that may include patient medical and billing records; the enrollment, payment, claims, adjudication, and cases or medical management record systems maintained by or for a health plan; or information used in whole or in part to make care-related decisions.

The designated record set also contains individually identifiable data stored on any medium and collected and directly used in documenting healthcare or health status. It includes clinical data such as WAVE files, images (e.g., x-rays), and billing information.

The designated record set is generally broader than the legal health record because it addresses all protected health information. While the legal health record is generally the information

Practice Brief

used by the patient care team to make decisions about the treatment of a patient, the designated record set contains protected health information along with business information unrelated to patient care.

Organizations must define the types of documentation that
comprise the designated record set and identify where the re-
cords physically exist, such as in separate and multiple paper-
based or electronic systems.†
Under HIPAA, the designated record set is used to clarify the
rights of individuals to access, amend, restrict, and acquire an
accounting of disclosures. Individuals have the right to inspect
and obtain a copy, request amendments, and set restrictions
and accountings of medical and billing information used to
make decisions about their care.

Guidance for Defining Record Sets

The challenge for HIM professionals in defining the legal health record or designated record set is to determine which data elements, electronic-structured documents, images, audio files, and video files to include. The primary consideration in defining the legal health record and designated record set must always be the needs for immediate and long-term patient care. An HIM committee comprised primarily of patient care team members can guide this process. Members of this committee should make the decision on what information is clinically meaningful.†

1. Identify Relevant Regulations, Standards, and Laws Based on the committee’s clinical direction, the first step in defining the legal health record and designated record set is to determine what legal entities enforce relevant regulations, guidelines, standards, or laws on health records. Although these entities may have defined a legal record in paper terms (e.g., requiring a medication sheet rather than an electronic medication administration record), their definitions must become the basis for the organization’s legal health record definition.

2. Determine Records Created in the Course of Business

The second step is to determine whether the records are created in the provider or entity’s ordinary course of business. Source-system or raw data are the data from which interpretations, summaries, and notes are derived. They may be designated part of the legal health record, whether or not they are integrated into a single system or maintained as part of the source system.

Records from source systems may be considered part of the legal health record based on the content of the source system’s record. Historically, reports or findings upon which clinical decision making is based are parts of the legal health record. For example, the written result of a test such as an x-ray, an ECG, or other similar procedures are always part of the record, whether these reports are integrated into a single system or part of a source system.

Working notes used by a provider to complete a final report are not considered part of the health record unless they are made available to others providing patient care. However, docu-