Authorization to Use or Disclose PHI: HIPAA Policy

Subscriber Content
Authorization to Use or Disclose PHI HIPAA Policy

This sample policy outlines procedures organizations should follow common to proper use or disclosure of protected health information (PHI).

The Health Insurance Portability and Accountability Act (HIPAA) requires a covered entity (CE) to obtain authorization to use or disclose protected health information for all purposes not explicitly permitted under the regulations (45 CFR §164.508[b][4]; §164.508[c]; §164.508[d]). A CE is a firm or individual group that provides healthcare services and that would use private health information. This includes physicians and all other caregivers, healthcare insurance plans, clearing houses and hybrid organizations.

Free Trial

Sign up for a free, no-obligation trial to start exploring our timesaving, valuable resources.