Minimum Necessary Does Not Apply To

Minimum Necessary Does Not Apply To

The minimum necessary concept does not apply to provider-to-provider communications, incidental disclosures or when an individual requests their own PHI.

Provider-to-Provider Communications.

The minimum necessary standard does not apply to provider-to-provider communications. Under HIPAA, providers may share medical information to coordinate treatment and care when they are involved in providing your health care or are assisting in your health care. This means that if you have more than one provider and that provider needs information from another provider to assist them with coordinating your treatment or care, they can share that information without violating the minimum necessary rule because it is not being used for billing purposes but rather for treatment purposes.

Incidental Disclosures.

Incidental Disclosures are defined as those that do not violate the Minimum Necessary Rule and are not subject to any other rules or laws. Incidental Disclosures include:

  • Information shared with a third party who has a relationship with you, such as your lawyer or accountant
  • Information shared with an individual who has agreed to be part of a group (for example, a family) which is considered sensitive personal health information

Request by Individual for own PHI.

An individual may request access to his or her own PHI. The request must be made in writing, and must specify the PHI to be disclosed and the purpose for which it will be used.

Minimum Necessary Does Not Apply To

The Minimum Necessary principle does not apply to:

  • Passwords, PINs and other access codes (like the code on an ATM card, or the code to unlock your phone);
  • Biometrics such as fingerprints and voice prints; and * Sensitive health information (for example, medical records), which are protected under specific legislation.

In conclusion, it is important to understand the minimum necessary standard and how it applies to the different ways in which your data may be shared. This includes provider-to-provider communications, incidental disclosures, request by individual for own PHI and more.

Add a Comment

Your email address will not be published. Required fields are marked *