What is a HIPAA Consent Form?
A signed HIPAA consent form must be obtained from a patient before their protected health information (PHI) can be shared with any other individuals or organizations, except in the case of routine disclosures for treatment, payment or healthcare operations as permitted by the HIPAA Privacy Rule. The disclosure of medical records without a HIPAA authorization form is a HIPAA violation.
A HIPAA consent form is a legal document that authorizes covered entities to disclose protected health information that is not permitted by the HIPAA Privacy Rule. The form must be retained as proof that the authorization was obtained in writing to waive certain Privacy Rule restrictions.
When Must HIPAA Authorization be Obtained?
A HIPAA authorization form is required before:
o Communication occurs face to face between the covered entity and the individual; or
o When the communication includes a promotional gift of nominal value.
What Information Must a HIPAA Authorization Contain to be Valid?
The law requires that a HIPAA authorization form contain specific “core elements” to be valid.
These elements include:
The HIPAA release form must also include the following information:
Want to know more about HIPAA? Ask the experts at MedSafe.
If you have questions about HIPAA consent forms or HIPAA training contact the experts at MedSafe. MedSafe is the nation's leading one-stop resource for outsourced accreditation and healthcare compliance solutions. For over 20 years, we have been providing peace of mind to hospital groups, private practices, and their business associates. Our suite of onsite and online services, including OSHA, HIPAA, Corporate Compliance and Code Auditing, equip your practice with the necessary tools and skills to achieve and maintain regulatory & billing compliance. MedSafe takes a hands-on approach and works directly with your team to uncover issues and define suitable solutions.
Phone: (888) MED-SAFE