: HOME  |  University Policies  |  Frequently Asked Questions  |  Forms |  Training  |

Additional Information  |  Contact Information

YOU ARE HERE : HOME / HIPAA Frequently Asked Questions / FAQ 5

5. When is a covered entity required to obtain an authorization to use and disclose a patient’s protected health information? A covered health care provider must obtain an authorization for uses and disclosures of PHI for: 1. Uses and disclosures other than for treatment, payment, and health care operations; 2. Psychotherapy notes; and 3. Marketing. A covered entity cannot require an individual to execute an authorization as a condition of receiving healthcare treatment. An authorization, in order to be valid, must contain certain elements specified in the regulations. The University is in the process of developing a prototype authorization form. Return to FAQ List

TOP ^

: Home  |  University Policies  |  Frequently Asked Questions  |  Forms  |  Training  |  Additional Information  |  Contact Information

OUHSC HOME / SEARCH / FEEDBACK

Office of Compliance Bird Library, Rm 221, 1000 Stanton L. Young, Oklahoma City, OK 73104 (405) 271-2511 This web site Design, Built, and Maintained by the Information Design Group a department of the University of Oklahoma Health Sciences Center. Please send web site related comments, questions, or error reports to webmaster@ouhsc.edu Every effort will be made to update the information contained on these pages as necessary. However, it is the responsibility of the user to determine that he or she is relying on the most current version of any particular information. Any questions about the material should be directed to the referenced office or department.

Copyright © 2003-2004 The Board of Regents of the University of Oklahoma, All Rights Reserved. Disclaimer | Copyright