Authorization to Use or Disclose PHI: HIPAA Policy

Subscriber Content
Authorization to Use or Disclose PHI HIPAA Policy
A Sample Policy for HIPAA Authorization: Procedures for Using and Disclosing PHI

This sample policy outlines procedures organizations should follow common to proper use or disclosure of protected health information (PHI).

The Health Insurance Portability and Accountability Act (HIPAA) requires a covered entity (CE) to obtain authorization to use or disclose protected health information for all purposes not explicitly permitted under the regulations (45 CFR §164.508[b][4]; §164.508[c]; §164.508[d]). A CE is a firm or individual group that provides healthcare services and that would use private health information. This includes physicians and all other caregivers, healthcare insurance plans, clearing houses and hybrid organizations.


Topics
Privacy
Healthcare & Pharmaceuticals Industry
Data Security
IT Security
Laws & Regulations
Document Retention
Compliance

Related Resources

Audit Reports

HIPAA Security Gap Assessment Report

Guides

Ethics Program Guide

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.

Let's Do It