HIPAA Compliance Fact Sheet: An Overview for Healthcare Operations
The United States Department of Health and Human Services (HHS), Office of the National Coordinator for Health IT (ONC), and Office for Civil Rights (OCR) have worked together to develop two fact sheets on HIPAA Permitted Uses and Disclosures. The effort was made to lessen confusion among healthcare organizations on when and where they could transfer PHI without requiring specific patient authorization.
The fact sheet entitled “Permitted Uses and Disclosures:
Exchange for Health Care Operations” provides the follow examples of permitted transfers between a covered entity (CE) and another CE or business associate (BA). The following activities are listed as permitted for the purposes of healthcare care operations activities and do not require written patient consent so long as the proper relationship between the two parties has been established as per outlined HIPAA guidelines:
- Conducting quality assessment and improvement activities
- Developing clinical guidelines
Read the entire article here, HIPAA Compliance Fact Sheet: An Overview for Healthcare Operations
via the fine folks at Lua Messaging