How are covered entities expected to determine what is the minimum necessary information that can be used, disclosed, or requested for a particular purpose?

The HIPAA Privacy Rule requires a covered entity to make [...]

Lee Russell2020-09-10T21:16:51-04:00Minimum Necessary, Smaller Providers and Businesses|

Read More

May a covered entity that is a plaintiff or defendant in a legal proceeding use or disclose protected health information for the litigation?

Yes. Where a covered entity is a party to a [...]

Lee Russell2020-09-10T21:23:55-04:00Judicial and Administrative Proceedings, Minimum Necessary, Smaller Providers and Businesses, Treatment, Payment, and Health Care Operations Disclosures|

Read More

Won’t the HIPAA Privacy Rule’s minimum necessary standard impede the ability of workers’ compensation insurers, state administrative agencies, and employers to obtain the health information needed to pay injured or ill workers the benefits guaranteed them under State workers’ compensation system?

No. The Privacy Rule is not intended to impede the [...]

Lee Russell2020-09-10T21:22:41-04:00Disclosures Required by Law, Minimum Necessary, Smaller Providers and Businesses, Workers Compensation Disclosures|

Read More

Are business associates required to restrict their uses and disclosures to the minimum necessary? May a covered entity reasonably rely on a request from a covered entity’s business associate as the minimum necessary?

A covered entity’s contract with a business associate may not [...]

Lee Russell2020-09-10T21:30:13-04:00Business Associates, Minimum Necessary, Smaller Providers and Businesses|

Read More