Skip Navigation

Notice of Privacy Practices

Does the HIPAA Privacy Rule require a business associate to create a notice of privacy practices?

Are covered entities permitted to give individuals a “layered” notice?

Are health plans required to make a good faith effort to obtain from their enrollees a written acknowledgement of receipt of the notice?

Are hospitals or other health care providers required to provide their notices to patients they treat in an emergency?

As a pediatrician, am I required to give my notice of privacy practices to the children I treat?

Can a covered entity bypass obtaining an individual's authorization for a use or disclosure not permitted by the HIPAA Privacy Rule simply by informing individuals of the use or disclosure through it notice of privacy practices?

Are health plans required to make a good faith effort to obtain from their enrollees a written acknowledgement of receipt of the notice?

Does a health plan have to provide a copy of its notice to each dependent receiving coverage under a policy?

Does the HIPAA Privacy Rule permit health care providers to obtain an electronic acknowledgement of the notice from individuals?

Does the HIPAA Privacy Rule require a health care provider to obtain a new acknowledgement of receipt of the notice from patients if the facility changes its privacy policy?

For group health plan products, can the health plan send its notice to the administrator of the group product or the plan sponsor for them to distribute to each employee enrolled in the plan?

How are health care providers supposed to provide the notice to individuals and obtain their written acknowledgement of the notice when the first treatment encounter is over the phone or in some other manner that is not face-to-face?

If a health care provider chooses to obtain an individual's consent to use or disclose protected health information about them, does the provider also have to make a good faith effort to obtain the individual's acknowledgement of the notice?

Is a pharmacist permitted to have customer acknowledge receipt of the notice by signing or initialing the log book that they already sign when they pick up prescriptions?

Is our medical practice required to notify patients through the mail of any changes to our notice?

It is common for hospitals and other health care providers to collect preoperative information over the phone from a new patient prior to the day of surgery in order to determine whether the patient has any special medical concerns or issues that need to be addressed. Does the HIPAA Privacy Rule prohibit this practice if the patient has not yet received or acknowledged the provider's notice?

Must a covered entity with a Notice of Privacy Practices that reflects more stringent State laws of multiple States, revise the whole Notice every time one State law materially changes?

We participate in an organized health care arrangement (OHCA). How are we to comply with the HIPAA Privacy Rule's requirements for providing notices and obtaining individuals' acknowledgements of the notice?

Is a health plan required to periodically notify enrollees about the availability, and how to obtain a copy, of its Notice of Privacy Practices?

Is a covered health care provider that conducts clinical research required to provide the Notice of Privacy Practices to participants of that trial?

My employer, a covered entity, is contemplating disclosing PHI for a research study under an IRB's waiver of the Authorization requirement. However, our Notice of Privacy Practices does not include a statement about “research.” Would we need to revise our Notice of Privacy Practices to include research uses and disclosures that are permitted without Authorization?

Are health care providers required by the HIPAA Privacy Rule to post their entire notice at their facility or may they post just a brief description of the notice?

Is a physician required to give her notice to every patient or can she just post the notice in her waiting room and give a copy to those patients who ask for it?

Back to Top

Back to HIPAA - Frequently Asked Questions