Thomas,
The Privacy Act of 1974 regulates the
collection, maintenance, use, and dissemination of personal information by the federal
government. I believe it applies only to federal agencies defined as
"any Executive department, military department, Government corporation,
Government
I am implementing the Privacy Rule in my private practice
and have found 2 references in the rule to privacy acts which I am unfamiliar
with. The rule references the Privacy Act of 1974 and also Privacy Act 5 USC in
the discussions about when a CE can deny an individual access to their PHI
In the situation you describe, it's pretty clear if you're the provider, you
are at risk since you're responsible to mitigate this type of situation:
I would:
A: Consult your policy and procedure manual regarding termination before the
employee is terminated.
Document the steps taken upon termina
You might want to review the section in WEDI SNIP Privacy Policies and
Procedures Resource Document (version 2.0) on the topic of use and
disclosures of PHI to brokers. The resource document is available for
download from the SNIP website - http://snip.wedi.org. This document is an
update to the
Hi All,
I have 2 questions on employee termination.
1. If the employee is terminated but has deliberately taken patient
information with them and starts using or harrassing them, what should the
provider or the CE supposed to do. Should they :-
(a) call the law enforcement or
(b) should they just
I am looking for citations from the Privacy rule that support the
disclosure of PHI to Insurance Brokers when the member asks the
broker to intervene on their behalf with the Health Plan or Group
Health Plan.
Assume the broker has a BA contract in place with the Health Plan or
Group Health Plan.
§ 164.508 Uses and disclosures for which an authorization is required...
...(c) Implementation specifications: Core elements and requirements.
(1) Core elements. A valid authorization under this section must contain at
least the following elements:
(i) A description of the information to be used or
I believe that HIPAA requires any authorization to expire either on a
specific date or at a specific event. An event expiration could in fact, be
upon the individual's demise. Unfortunately I don't have a specific cite
from the rag on this.
Rachel Foerster
Principal
Rachel Foerster & Associates, L
I do not believe that HIPAA mandates that an authorization can only be valid
for 60 days. Such a limitation might be a part of state law, or an
organization's own standard. I think that if you can foresee the need for
the disclosure when the patient is admitted, then you can have it signed at
that
As the need arises. The authorization is only valid for 60 days.
-Original Message-
From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
Sent: Monday, January 20, 2003 1:20 PM
To: WEDI SNIP Privacy Workgroup List
Subject:When to have the
-Original Message-
From: [EMAIL PROTECTED] [SMTP:[EMAIL PROTECTED]]
Sent: Monday, January 20, 2003 1:20 PM
To: WEDI SNIP Privacy Workgroup List
Subject:When to have the patient sign an authorization
How are providers in part
Darrell,
Thank you very much for this wonderful comparison of the HIPAA regulations
to the "signed-consent" aspects of the AOD regulations (42 CFR part 2).
This is very helpful to many of us who work in SAMHSA-funded programs.
Best regards,
Matt
Matthew Rosenblum
Chief Operations Officer
Priv
Jill,
I'm
not sure how a provider could have them sign an authorization when they arrive
unless they already knew they would need one for a specific event. The regs say
the authorization must be for a specific event or time period. I'm not sure you
can get away with a blanket authorization.
How are providers in particular handling the singing of authorizations? Are practices having patients sign it when they first come in, for future disclosures, or as the specific situations arise (i.e., they later decide their atty. should see the medical records and sign an applicable authorization
Matt-
I'll take a stab at answering your question. Please remember that in an
effort to keep it relatively brief, this is a fairly simplistic, high-level
overview.
Under 42 C.F.R. Part 2 (which I'll refer to as the AOD (Alcohol and Other
Drugs)regs), disclosure within a "program" is allowed on a
15 matches
Mail list logo
