![]() ![]() If, however, researchers are employees or other workforce members of a covered entity (e.g., a hospital or health insurer), they may have to comply with that entity's HIPAA privacy policies and procedures. Researchers are not themselves covered entities, unless they are also health care providers and engage in any of the covered electronic transactions. Covered entities are health plans, health care clearinghouses, and health care providers that transmit health information electronically in connection with certain defined HIPAA transactions, such as claims or eligibility inquiries. ![]() With certain exceptions, the Privacy Rule applies to individually identifiable health information created or maintained by a covered entity. PHI is a subset of what is termed individually identifiable health information. The Privacy Rule establishes a category of health information, referred to as PHI, which may be used or disclosed to others only in certain circumstances or under certain conditions. The Privacy Rule is a response to public concern over potential abuses of the privacy of health information. For most covered entities, compliance with these regulations, known as the Privacy Rule, was required as of April 14, 2003. In response to a congressional mandate in the Health Insurance Portability and Accountability Act of 1996 (HIPAA), HHS issued regulations entitled Standards for Privacy of Individually Identifiable Health Information.
0 Comments
Leave a Reply. |