CMS Releases Record Retention Guidelines

A updated post on record retention with a simple record retention schedule can be found here.

State laws generally govern how long medical records are to be retained.

However, the Health Insurance Portability and Accountability Act (HIPAA) of 1996 administrative simplification rules require a covered entity, such as a physician billing Medicare, to retain required documentation for six years from the date of its creation or the date when it last was in effect, whichever is later. HIPAA requirements preempt State laws if they require shorter periods. Your State may require a longer retention period.

While the HIPAA Privacy Rule does not include medical record retention requirements, it does require that covered entities apply appropriate administrative, technical, and physical safeguards to protect the privacy of medical records and other protected health information (PHI) for whatever period such information is maintained by a covered entity, including through disposal.

The Centers for Medicare & Medicaid Services (CMS) requires records of providers submitting cost reports to be retained in their original or legally reproduced form for a period of at least 5 years after the closure of the cost report.

CMS requires Medicare managed care program providers to retain records for 10 years.

A medical record folder being pulled from the ...

Image via Wikipedia

Additional information:

Providers/suppliers should maintain a medical record for each Medicare beneficiary that is their patient.
Medical records must be accurately written, promptly completed, accessible, properly filed and retained.
Using a system of author identification and record maintenance that ensures the integrity of the authentication and protects the security of all record entries is a good practice.
The Medicare program does not have requirements for the media formats for medical records. However, the medical record needs to be in its original form or in a legally reproduced form, which may be electronic, so that medical records may be reviewed and audited by authorized entities.
Providers must have a medical record system that ensures that the record may be accessed and retrieved promptly.
Providers may want to obtain legal advice concerning record retention after CMS-required time periods.

Enhanced by Zemanta

Bringing you the latest healthcare news!

The Manage My Practice Blog keeps our readers up to date with the latest healthcare news, trends and analysis.

Recent Posts

Webinar: Reduce Costly Patient No-Shows

by Mary Pat Whaley | Apr 2, 2018 | Day-to-Day Operations

There are a million reasons a patient no-shows for an appointment, or calls right before their scheduled appointment to cancel. Some of the reasons are unavoidable, but all of them cost you money....

Back to the the Blog!

Back to the the Blog!

by Mary Pat Whaley | Nov 24, 2023 | General

Where have I been? Ten years after I started my consulting business and started blogging, in 2018 I stopped blogging when I took a very interesting interim position at the University of Washington...

Blockchain for Beginners

by Mary Pat Whaley | May 7, 2018 | Electronic Medical Records, Innovation, Learn This: Technology Answers

Do you know what blockchain is? Everyone has heard of blockchain, but not many people understand what it really is - myself included. I went looking for an approachable introduction to the...

How to Ask for Advice

by Mary Pat Whaley | Apr 23, 2018 | A Career in Practice Management, General, Leadership, Starting a New Practice

A question I recently answered on Quora was: How would you go about asking a business professional that you admire, for advice on starting up a business? My answer could just as easily apply to...

Get in touch

Email: marypat@managemypractice.com
Phone: (919) 370 0504