|
|
|
|
          |
|
Under HIPAA regulations, some marketing communications by covered entitites require a prior written authorization when using protected health information (PHI). Marketing under HIPAA is defined as ""mak[ing] a communication about a product or service that encourages the recipients of the communication to purchase or use the product or service." Exceptions to the definition of marketing include:
The latter includes information about existing benefits as well as other products or services optionally available to a health plan enrollee. Population-oriented communications that promote health in "a general manner" are also excepted, provided they do not endorse a specific product or service. Second, though what remains is marketing, there is a further exception for any:
The presence of remuneration for the covered entity in these excepted situations does not convert a communication to the kind of marketing that requires an authorization for the purposes of HIPAA. Anti-kickback, fraud and abuse, or self-referral statutes and regulations may nonetheless apply. Also defined as marketing: "Any arrangement between a covered entity and any other entity [including business associates] whereby the covered entity discloses [PHI] to the other entity, in exchange for direct or indirect remuneration, for the other entity or its affiliate to make a communication about its own product or service that encourages recipients of the communication to purchase or use that product or service." Covered entities must obtain a prior, specific authorization for any use or disclosure of PHI that meets the definitions of marketing (and that doesn't qualify for the exceptions). If the marketing involves direct or indirect remuneration to the covered entity from a third party, the authorization must state that. For more detail, see the glossary entry on marketing (HIPAA). see also: last modified: 27-Jun-2003 [RC] |
| Privacy Policy | Copyright | Disclaimer | Contact Info | ||