How Information Blocking Rule compliance creates Privacy Rule compliance challenges

1 minute read

The second compliance date for the Information Blocking Rule (IBR) has come and gone, so why do challenges remain? One reason is the continued misunderstanding of the IBR risk of harm exception. This exception ties to the HIPAA Privacy Rule exception for denying an individual access to the protected health information a covered entity holds.

Under IBR, organizations must provide access, use, or exchange of electronic health information if the patient or a personal representative of the patient requests it. Under the Privacy Rule, an individual may be denied access if allowing access to the data would result in death or bodily injury to the patient or someone else. Access can be denied for requests by the personal representative if allowing access would cause substantial harm to the patient or another party.

This document is only available to members. Please log in or become a member.


Would you like to read this entire article?

If you already subscribe to this publication, just log in. If not, let us send you an email with a link that will allow you to read the entire article for free. Just complete the following form.

* required field