Corporate Compliance

Overview of CMS privacy updates

Compliance Monitor, March 28, 2012

CMS recently issued further guidance regarding patient rights to privacy and medical record confidentiality that is consistent with standards issued under HIPAA.

The primary areas of focus are permitted incidental uses and disclosures and safeguards that are necessary to protect patient privacy.

Incidental uses and disclosures

The HIPAA Privacy Rule provides that an incidental use or disclosure is a secondary use or disclosure of patient information that:

  • Cannot reasonably be prevented
  • Is limited in nature
  • Occurs as a result of another use or disclosure that is permitted, such as disclosures required for purposes of treatment.

Incidental uses or disclosures are permitted if reasonable safeguards are implemented to limit them to the bare minimum necessary to accomplish the intended purpose.

Read more about these updates on HCPro’s HIPAA Update blog.

Most Popular