Records should only be accessed by individuals who are_________

Records should only be accessed by individuals who are assigned to them because this aligns with the principles of confidentiality and privacy outlined in HIPAA regulations. Accessing patient records is subject to strict guidelines to ensure that only authorized personnel, typically designated by their role and responsibilities within a healthcare organization, can view sensitive health information. This helps safeguard patient privacy and prevents unauthorized access, which could lead to data breaches and non-compliance with HIPAA standards.

While other options may seem relevant, they do not uphold the required protocols. For instance, being related to the patient does not grant authorization to access records, as it can lead to potential conflicts of interest and breaches of privacy. Having friendships with staff members or being part of the administration does not inherently provide the necessary authorization needed to access patient information. Assigning access based on official roles and responsibilities is crucial to maintaining the integrity and security of patient health information.