Can PHI Be Disclosed to Entities Other Than Public Health Authorities?

Video 15 of 14
5 min 29 sec
English
English

The HIPAA Rule permits covered entities to disclose protected health information, without authorization, for cases of child abuse or neglect, FDA regulated products, exposure to communicable diseases, and workplace medical surveillance.

In addition information is often needed to serve people in the event of an emergency. Covered entities may disclose information in a limited data set, when it has obtained a data use agreement with the data recipient and the information disclosed is limited to the amount reasonably necessary to accomplish that public health purpose.