NOT ELIGIBLE FOR PREMIUM CREDIT

The HIPAA Privacy Rule regulates how a practice may use and disclose a patient’s protected health information, or PHI.  Moreover, the Privacy Rule aims to protect individuals’ health information while allowing the necessary flow of health information to ensure high-quality health care and protect public health and well-being.

This module discusses when PHI may be used or disclosed without patient authorization and when patient authorization is needed.

Learning Objectives are: 

1. Explain the HIPAA Privacy Rule’s requirements for the use and disclosure of protected health information (PHI).
2. Differentiate between required disclosures and permitted disclosures under HIPAA.
3. Identify situations requiring special authorizations, such as marketing, selling PHI, and disclosures of psychotherapy notes, substance use disorder records, and reproductive health records.
4. Outline the conditions under which PHI can be disclosed to law enforcement officials without patient authorization.
5. Explain the HIPAA Privacy Rule provisions for disclosing PHI for workers’ compensation purposes.

IMPORTANT:

As you begin to develop your practice’s HIPAA Program, it is important to remember it must be customized to your practice’s unique needs and site-specific information. The SVMIC HIPAA Compliance Manual’s policies and procedures are designed to serve as a template for what the practice should be doing.