The guidelines in this document are intended to assist physicians in understanding issues around ownership and control of medical records, and the ways in which these issues affect the administration of medical records within their practice. Each section contains sample contractual terms that physicians may consider when entering into a data-sharing or similar agreement that addresses the issues of ownership, custody, confidentiality, and enduring access of medical records.
This document is not exhaustive—it is for general informational and reference purposes only. The guidelines included do not constitute legal or professional advice, nor are they a substitute for such advice. Each physician or medical practice will need to assess the risks and benefits of the approach they choose to apply to their particular situation.
The guidelines in this document are complementary to the Physician Service Agreement
. Sample contractual terms provided can be incorporated into section (13) of the Physician Service Agreement on “records and audits.” Note that these contractual terms should not be considered a replacement for a legal agreement properly drafted in consultation with legal counsel.
Readers can refer to Appendix A
for a list of legal definitions for capitalized terms used in these guidelines, and the Personal Information Protection Act
to review the obligations physicians must meet when collecting, using, or disclosing personal information.