go to University of Miami home page
 
go to site home pagego to reports pagego to laws and regulations pagego to glossary indexgo to FAQ indexgo to training matls indexgo to web links pagego to bibliography pagego to contact directory page


Home > Training Index >

 

 

fundraising fundamentals (HIPAA)

 

Absent an authorization, covered entities may themselves use (or disclose to business associates and institutionally-related foundations performing fundraising on their behalf) only basic demographic information.

Demographic information, in this context, includes name, address and other contact information, age, gender, insurance status, and dates of health care services provided.

Use of any other kind of protected health information for fundraising purposes -- whether internally by the covered entity, or "externally" by a business associate or affiliated foundation -- requires an authorization from the patient. This includes use of anything related to the patient's illness diagnosis or treatment.

Any kind of fundraising activity -- including just use of the two kinds of information that require no authorization -- must be described in the Notice of Privacy Practices given to all patients.

Any fundraising contact must indicate how the individual may opt out of future communications. Covered entities are obligated to honor opt out requests promptly.

For more detail, see the glossary entry on fundraising (HIPAA).

see also:

HIPAA and fundraising quiz

last modified: 29-Oct-2002 [RC]

 

<< Back | P/DP Home | Training Index | Site Help | Search
 
  Privacy Policy Copyright Disclaimer Contact Info