The HIPAA Privacy Rule was enacted to both safeguard patients’ protected health information (PHI) from improper use and disclosure and establish the patient right to access that information so that they can be fully engaged in their care and are empowered to make informed health care decisions.
When it comes to disclosing PHI to people other than patients or those involved in their healthcare treatment, the HIPAA Privacy Rule generally mandates that covered entities obtain an authorization signed by a patient that contains specific core elements and required statements before copies of that patient’s medical records can be shared. These specific core elements and required statements provide patients with notice of their rights to access their medical information under HIPAA.
To read the full article, visit Becker’s Health IT.
