The HIPAA Privacy Rule generally prohibits covered entities and business associates from disclosing protected health information (PHI) to law enforcement without the individual’s authorization, unless one of the exceptions in 45 CFR § 164.512 applies. These exceptions include disclosures required by law, disclosures for law enforcement purposes, disclosures about victims of abuse, neglect or domestic violence, disclosures for health oversight activities, disclosures for judicial and administrative proceedings, disclosures for research purposes, disclosures to avert a serious threat to health or safety, disclosures for specialized government functions, disclosures for workers’ compensation, and disclosures to coroners and medical examiners. None of these exceptions apply to the type of information in option D, which is personal health information that is not related to any of the above purposes. Therefore, an organization would generally not be required to disclose such information to law enforcement under the HIPAA Privacy Rule. References: https://www.justice.gov/opcl/overview-privacy-act-1974-2020-edition/disclosures-third-parties
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit