Can a covered entity use existing aspects of the HIPAA Privacy Rule to give individuals the right to Opt-In or Opt-Out of electronic health information exchange?
Yes. In particular, the Privacy Rule’s provisions for optional consent [...]
How do HIPAA authorizations apply to an electronic health information exchange environment?
The HIPAA Privacy Rule requires the individual’s written authorization for [...]
Does the HIPAA Privacy Rule inhibit electronic health information exchange across different states or jurisdictions?
No. The Privacy Rule establishes a federal baseline of privacy [...]
How may judgments be made electronically about denial of access under the HIPAA Privacy Rule?
The Privacy Rule differentiates between two types of denial, reviewable [...]
How would a covered entity or health information organization (HIO), acting on its behalf, know if someone were a personal representative for the purpose of granting access under the HIPAA Privacy Rule?
The Privacy Rule’s verification standard requires that covered entities develop [...]
In an electronic health information exchange environment, what is a designated record set for purposes of an individual’s right of access under the HIPAA Privacy Rule?
To the extent covered entities maintain their own electronic records [...]
What are a covered entity’s responsibilities to notify others in a network if an amendment to protected health information is made?
Under the HIPAA Privacy Rule, a covered entity must make [...]
Who is responsible for amendment of protected health information in an electronic health information exchange environment?
The HIPAA Privacy Rule designates a covered entity as the [...]
Does the HIPAA Privacy Rule permit a covered entity to disclose psychotherapy notes to or through a health information organization (HIO)?
Yes, provided the covered entity has obtained the individual’s written [...]