On December 15, 2023 the U.S. Department of Health and Human Services (HHS) Office for Civil Rights (OCR) announced a $160,000 settlement with Optum Medical Care of New Jersey (formerly Riverside Medical Group).
OCR received six complaints in 2021 that Optum failed to provide patients or parents with timely access to medical records. Records took between 84 and 231 days to be delivered—well beyond HIPAA’s 30-day Right of Access requirement.
OCR investigated in 2022 and found that Optum violated the HIPAA Right of Access provision. Optum agreed to pay $160,000 and implement a corrective action plan. The plan requires policy revisions, staff training, and regular reporting to OCR. OCR will monitor Optum for one year.
OCR Director Melanie Fontes Rainer emphasized:
“Access to medical records is a fundamental HIPAA right. Providers must respond to requests quickly and empower patients to make informed decisions about their care.”
This case marks OCR’s 46th Right of Access enforcement action.