Module 1: Introduction to HIPAA
Module 2: Fundamentals of PHI
Module 3: The Privacy Rule – Uses, Disclosures, and Compliance
Module 4: The Security Rule – Uses, Disclosures, and Compliance
1 of 3

3.8.4 Disclosure Accounting

A covered entity or its business partners must account to individuals for any disclosures of their protected health information.

However, the Privacy Rule does not require accounting for the following disclosures:

  • For a treatment, payment, or healthcare operations
  • For public interest and benefit activities
  • To the individual subject to the information
  • To the individual’s representative
  • Where opportunity is given to the individual to agree or object
  • To institutions of punishment or law enforcement officers for specific objectives relating to detainees or anyone lawfully held in custody
  • Incidental use and disclosure
  • Where there is limited data for operations in research, public health, or healthcare.
Notify of
0 Discussions
Inline Feedbacks
View all comments
Post a comment

Leave a Comment

Your email address will not be published. Required fields are marked *

Would love your thoughts, please comment.x