The purpose of this policy is to establish 91Ƶ's compliance with federal HIPAA regulations 45 CFR §§ 164.502(b) and 164.514(d), which require covered entities to make reasonable efforts to limit the use and disclosure of PHI to the minimum necessary. Information systems, including electronic health records contain more protected health information (PHI) than may be needed for a given purpose or disclosure. This policy governs the use and disclosure of PHI so that only the minimum amount of PHI is used when needed.
The scope of this policy is all workforce members of 91Ƶ’s health care component. 91Ƶ is a hybrid entity. Only the health care component (i.e., the covered functions) of 91Ƶ must comply with this policy. All references in this policy to “91Ƶ” shall be construed to refer only to the health care component of 91Ƶ.
PUNet ID required to review
Updated April 2023