Code of Federal Regulations
TITLE 45--PUBLIC WELFARE
SUBTITLE A--DEPARTMENT OF HEALTH AND HUMAN SERVICES
PART 164--SECURITY AND PRIVACY
Subpart E--Privacy of Individually Identifiable Health Information
Revised as of October 1, 2004
CITE: 45CFR164.524


Sec. 164.524 Access of individuals to protected health information.


(a) Standard: Access to protected health information.

(b) Implementation specifications: requests for access and timely action.

(c) Implementation specifications: Provision of access.
If the covered entity provides an individual with access, in whole or in part, to protected health information, the covered entity must comply with the following requirements.

(d) Implementation specifications: Denial of access.
If the covered entity denies access, in whole or in part, to protected health information, the covered entity must comply with the following requirements.

(e) Implementation specification: Documentation.
A covered entity must document the following and retain the documentation as required by Sec. 164.530(j):


If the covered entity, after internal appeal, still refuses to provide you with your records, you may appeal to HHS.

Here is the complaint form.
It is a pdf. You can print it out and fill it in.
Or you can get it at www.hhs.gov/ocr/privacy/hipaa/complaints/