Description should include that the covered entity is permitted, but not required, to use and disclose PHI without an individual’s authorization for the following circumstances:
- at the individual’s request
- for treatment, payment, and healthcare operations
- to provide an opportunity to agree or disagree
- for an incident related to an otherwise permitted use and disclosure
- living will
- power of attorney
- speaker present
- advanced directive
- for public interest and benefit activities
- to provide limited data set for the purposes of research, public health, or healthcare operations
- for victims of abuse, neglect, or domestic violence
- to facilitate health oversight activities
- for judicial and administrative proceedings
- for law enforcement purposes
- in cooperation with cadaveric organ, eye, or tissue donation
- for decedents
- for research
- in cases of serious threat to health or safety
- to facilitate essential government functions (e.g., the fight against terrorism)
- to facilitate a workers’ compensation claim
Process/Skill Questions:
- What criminal act allows for permitted disclosure of PHI under essential government functions?
- Why does workers’ compensation qualify as permitted disclosure?
- Why are the incidental use and disclosure forms important?