The purpose of this policy is to establish 鶹Ӱ's compliance with federal HIPAA regulations 45 CFR §§ 164.502(b) and 164.514(d), which require covered entities to make reasonable efforts to limit the use and disclosure of PHI to the minimum necessary. Information systems, including electronic health records contain more protected health information (PHI) than may be needed for a given purpose or disclosure. This policy governs the use and disclosure of PHI so that only the minimum amount of PHI is used when needed.
The scope of this policy is all workforce members of 鶹Ӱ’s health care component. 鶹Ӱ is a hybrid entity. Only the health care component (i.e., the covered functions) of 鶹Ӱ must comply with this policy. All references in this policy to “鶹Ӱ” shall be construed to refer only to the health care component of 鶹Ӱ.
PUNet ID required to review
Updated April 2023