|  | Healthcare Industry | General Healthcare Industry

HIPAA & Authorization for Release of Information

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) contains strict standards regarding the release of an individual's health information without authorization. This act was an important milestone in protecting the privacy rights of patients.

  1. Privacy Rule

    • The rule governing the authorization of the release of patient health information is called the privacy rule. It was not part of the original HIPAA legislation, but was the result of a rule proposed by the Department of Health and Human Services, and was finalized on December 28, 2000.

    Patient Authorization

    • A health care provider or other entity subject to the rule must obtain a patient's written authorization for any use or disclosure of protected health information. There are several exceptions to this, including whether the information is needed for treatment.

    Plain Language

    • Authorizations must be specific and written in plain English. They must also state to whom the information is being released.

    Conditional

    • A health care provider or other entity subject to the rule may not generally make treatment conditional on the patient signing an authorization.

    Minimum Necessary

    • If an authorization is obtained, only the minimum necessary amount of protected health information to accomplish the purpose may be disclosed.

General Healthcare Industry - Related Articles