MediCopy releases health information to insurance companies, attorneys, employers, and many other third-party requesters on behalf of our healthcare partners.  We understand that medical requests and forms are time-sensitive and they are handled with the utmost care, security, and efficiency.

Steps for Requesting Medical Records:  

Option 1: Click here to submit requests electronically.

Option 2: Mail requests directly to MediCopy

MediCopy Services, Inc.
8 City Blvd., Suite 400
Nashville, TN 37209 

If you are unable to submit a request via the above options please call MediCopy directly at 866-587-6274. 

IMPORTANT: The HIPAA Privacy Rule requires a completed, patient-signed HIPAA authorization for all disclosures of PHI, with the exception of disclosures for the purpose of treatment, payment, or health care operations. If your request does not fall under this exemption, please ensure that a valid HIPAA authorization is attached to your request. If the signer of the authorization is not the patient, please also include documentation indicating that the signer is the patient's personal representative (i.e. Power of Attorney, Executor of the Estate, etc.)

 

Requestor Resources

Pay My Bill Online

Patient Authorization Form to Request Medical Records

insurance

As soon as your office sends a medical record request to MediCopy or one of our partnering healthcare facilities, our dedicated account managers will retrieve the requested information directly from the facility.  If all records are stored in paper form, processing time may be longer. However, if the requested records are stored electronically, the request may be processed in as little as two business days.

Once all records are retrieved, the records will be quality checked, an invoice will be created, if applicable, and then the records will be released per your requested method. MediCopy offers secure electronic delivery options, including secure emails and our CarePortal in order to accommodate all requestors and expedite the process.

MediCopy CarePortal Provides:

  • HIPAA-compliant, cloud-based platform securely delivering PHI to requestors
  • Easy sharing of files to users both within and outside of your department or company
  • Direct communication with MediCopy and your staff through secure messaging
  • Elimination of the need for faxing or mailing records
 

MRO Notice to Requesters

HIPAA Privacy Rule To Support Reproductive Health Care Privacy

On April 26, 2024, the Department of Health and Human Services Office for Civil Rights (HHS OCR) published a final rule entitled “HIPAA Privacy Rule to Support Reproductive Health Care Privacy” (“Reproductive Health Rule”). The Reproductive Health Rule amends federal privacy regulations to restrict the circumstances in which HIPAA-regulated entities may disclose an individual’s reproductive health information for the purpose of an investigation or proceeding against persons for seeking, obtaining, providing, or facilitating lawful reproductive health care (collectively “prohibited purposes”).

This Reproductive Health Rule is applicable to MRO’s healthcare provider clients, as HIPAA-covered entities, and to MRO
itself, as a HIPAA-business associate, and directly impacts requests that are made for any of the following purposes:

  • Health oversight activities
  • Judicial or administrative proceedings
  • Law enforcement
  • disclosures to coroners and medical examiners

Barring a nationwide stay or injunction blocking enforcement of the final rule, MRO and its healthcare provider clients will be required to comply with the requirements and prohibitions effective December 23, 2024.

*For any medical record request that includes protected health information “potentially related to reproductive healthcare,” MRO and its healthcare provider clients must obtain a signed attestation in order to release the records.

*To minimize processing delays, health oversight, judicial/administrative, law enforcement, and coroner/medical examiner requesters, MRO strongly recommends that requesters include, with initial request documents, an HHS OCR Model Attestation, that is signed by the person ultimately requesting the medical records.

A copy of the OCR Model Attestation is included below for ease of reference.

MRO cannot accept:

Signature from third party intermediaries, such as retrieval companies

Signature from anyone other than the ultimate requester

Attestations created by the requester or requester’s representative

MRO can accept:

Signature from the ultimate requester (or representative of ultimate requester, provided that a description of such representative’s authority to act for the requester is also provided). For example:

  1. Subpoena: Attorney compelling disclosure
  2. Court order: Judge granting order
  3. Administrative Request (subpoena or summons): Agency representative
  4. Law Enforcement Request (warrant, subpoena): Law enforcement agency representative

OCR Model Attestation

Valid attestation created by MRO client

Click here (https://www.hhs.gov/sites/default/files/model-attestation.pdf) to view the Model Attestation for a Requested Use or Disclosure of PHI Potentially Related to Reproductive Health Care form from HHS.