1. Does the HIPAA Privacy Rule permit doctors, nurses, and other health care providers to share patient health information for treatment purposes without the patient’s authorization?
2. Does the HIPAA Privacy Rule prohibit researchers from conditioning participation in a clinical trial on an authorization to use/disclose existing protected health information?
3. Can an individual revoke his or her Authorization?
4. Can an Authorization be used together with other written instructions from the intended recipient of the information?
5. Does the Privacy Rule require that an Authorization be notarized or include a witness signature?
6. May a covered entity disclose protected health information specified in an Authorization, even if that information was created after the Authorization was signed?
7. Does the Privacy Rule permit a covered entity to use or disclose protected health information pursuant to an Authorization form that was prepared by a third party?
8. Yes. Under the Privacy Rule, a covered entity may use or disclose protected health information pursuant to a copy of a valid and signed Authorization, including a copy that is received by facsimile or electronically transmitted.
9. Is a copy, facsimile, or electronically transmitted version of a signed Authorization valid under the Privacy Rule?
10. Must an Authorization include an expiration date?
11. May a covered entity use or disclose a patient’s entire medical record based on the patient’s signed Authorization?
12. When is an authorization required from the patient before a provider or health plan engages in marketing to that individual?
13. Are health care providers restricted from consulting with other providers about a patient’s condition without the patient’s written authorization?
14. Can health care providers, such as a specialist or hospital, to whom a patient is referred for the first time, use protected health information to set up appointments or schedule surgery or other procedures without the patient's written consent?
15. Can a patient have a friend or family member pick up a prescription for her?
16. Does the HIPAA Privacy Rule permit a health care provider or other covered entity or its collection agency to communicate with parties other than the patient (e.g., spouses or guardians) regarding payment of a bill?
17. Does a health care provider need a patient's written authorization to send a copy of the patient's medical record to a specialist or other health care provider who will treat the patient?
18. Does the HIPAA Privacy Rule prohibit researchers from conditioning participation in a clinical trial on an authorization to use/disclose existing protected health information?
19. When is an authorization required from the patient before a provider or health plan engages in marketing to that individual?
20. What is the difference between “consent” and “authorization” under the HIPAA Privacy Rule?
21. When is an authorization from the patient required?
22. Is verbal authorization permissable?
23. Does an authorization have to be notarized?
24. Are health care providers always required to comply with an authorization?
25. Under what circumstances can an individual revoke a signed authorization and what are our obligations if there is a revocation?
26. Is there ever an occasion when a person cannot revoke an authorization?
27. What is a defective authorization?
28. Can an authorization be combined with another consent or authorization form?
29. What are the documentation requirements by health care providers with respect to authorizations?
30. Can health care providers condition the provision of treatment to an individual that refuses to sign an authorization?
31. If a patient authorizes a health care provider to release certain portions of his medical record to another person, are health care providers required to undertake the effort to review and select only those portions requested or can they just send the whole record?
32. Are health care providers required to verify the identity of an individual signing an authorization?
33. Are health care providers entitled to rely on a copy of an authorization rather than the original?
34. Can a named insured sign an authorization on behalf of dependents?
35. Can health care providers release information if an entity such as a government agency gives assurances that it has a valid authorization from the patient for the release?
36. Must health care providers give a copy of the signed authorization to the patient?
37. Has HHS developed a model authorization form?
38. What information must be included in a valid authorization form?
39. What extra information elements is required in an authorization
40. How detailed does the description of the information to be used or disclosed have to be in the authorization?
41. How much detail must be provided about the person that will be receiving the authorized information?
42. What information must be included in the authorization regarding an individual's right to revoke the authorization?
43. Must the expiration date be a specific date, such as May 31, 2006?
44. Does an authorization need to be signed by the individual?
45. Must an authorization be dated on the day it is signed?
46. Can health care providers include elements in an authorization other than those required in the regulations?
47. Will electronic signatures be accepted?
48. What is the "plain language" requirement?