The HIPAA Privacy Rule, effective since April 14, 2003, brought forth standards covering the permittable uses and disclosures of health information, including to whom information can be disclosed and under what circumstances protected health information (PHI) can be shared.
HIPAA Journal’s recent article entitled “What is HIPAA Authorization?” says that permitted uses and disclosures are generally for treatment, payment, or health care operations and reporting issues, such as domestic abuse, to public health agencies.
HIPAA authorization is consent from a patient or health plan member that lets a covered entity or business associate use or disclose PHI to an individual/entity for a purpose otherwise not allowed by the HIPAA Privacy Rule.
Without HIPAA authorization, this use or disclosure of PHI would violate HIPAA Rules and could result in a severe financial penalty. It may even be criminal.
Federal regulations detail the uses and disclosures of PHI that require authorization from a patient or plan member before information can be shared or used. HIPAA authorization is required for the following:
A HIPAA authorization is a detailed document in which specific uses and disclosures of protected health are fully explained.
By signing the authorization, a person consents to have their health information used or disclosed for the reasons stated on the approval.
Reference: HIPAA Journal (Oct. 9, 2021) “What is HIPAA Authorization?”
(By Appointment Only)
14425 Falcon Head Blvd
Bldg E-100
Austin, TX 78738