Disclosures for Emergency Preparedness - A Decision Tool: AuthorizationAuthorization
The core elements of a valid authorization include: Show
For additional requirements of a valid authorization, refer to the FAQs on authorizations. Content created by Office for Civil Rights (OCR)
An official State of Texas website.
Texas Health and Human Services Search the Texas HHS site
Breadcrumb
Instructions for Opening a FormSome forms cannot be viewed in a web browser and must be opened in Adobe Acrobat Reader on your desktop system. Click here for instructions on opening this form. Effective Date: 12/2018 3039.pdf (113.3 KB) Learn about your rights to the privacy and security of your health information.The Office of the Attorney General understands that your medical and health information is deeply personal and that a failure to protect it potentially exposes you to medical identity theft. The federal Health Insurance Portability and Accountability (HIPAA) law and the Texas Medical Records Privacy Act (TMRPA) serve to help you protect your personal health information (PHI). Under
HIPAA and TMRPA, you have the following patient privacy rights:
Read more about HIPAA, the HIPAA Privacy Rule and the HIPAA Security Rule on the Department of Health and Human Services' website. Read the Texas Medical Records Privacy Act. File a Patient Privacy Complaint If you believe your PHI has been or may have been used or disclosed in violation of HIPAA or the Texas Medical Records Privacy Act you may file a complaint with:
By mail: By fax: OCR's Customer Response Center: The information provided here is for general informational purposes and not intended to serve as legal advice or opinion. What is authorization to disclose protected health information?An authorization is a detailed document that gives covered entities permission to use protected health information for specified purposes, which are generally other than treatment, payment, or health care operations, or to disclose protected health information to a third party specified by the individual.
Is authorization required to disclose any PHI?HIPAA. Section 164.508 of the final privacy rule states that covered entities may not use or disclose protected health information (PHI) without a valid authorization, except as otherwise permitted or required in the privacy rule.
What are two required elements of an authorization needed to disclose PHI?The core elements of a valid authorization include: A meaningful description of the information to be disclosed. The name of the individual or the name of the person authorized to make the requested disclosure. The name or other identification of the recipient of the information.
What can protected health information be disclosed without authorization?Covered entities may also use and disclose protected health information without individual authorization for certain public interest-related activities. These include: Oversight of the healthcare system, including licensing and regulation. Public health, and in emergencies affecting the life or safety.
|