The Privacy Rule does not require you to eliminate all incidental disclosures. The Privacy Rule recognizes that it is not practicable to eliminate all risk of incidental disclosures. In August 2002, specific modifications to the Rule were adopted to clarify that incidental disclosures do not violate the Privacy Rule when you have policies which reasonably safeguard and appropriately limit how protected health information is used and disclosed.
Published by RISC
RISC Management & Consulting is an organization dedicated to information security and compliance, focused on healthcare & banking. RISC Management was founded by professionals with extensive experience in Healthcare, Information Security & Compliance to assist those organizations with obligations related to: HIPAA – The HITECH Act – HITRUST – Meaningful Use & ISO 27001 & 27002 RISC Management & Consulting offers several core practice areas to support the needs and legal obligations of our clients. All of our services are focused on getting you compliant with Privacy & Security requirements, quickly, completely, and affordably! To learn more about our Healthcare practice areas please visit www.RISCsecurity.com View all posts by RISC