The purpose of this policy is to establish 51Թ's compliance with federal HIPAA regulations 45 CFR §§ 164.502(b) and 164.514(d), which require covered entities to make reasonable efforts to limit the use and disclosure of PHI to the minimum necessary. Information systems, including electronic health records contain more protected health information (PHI) than may be needed for a given purpose or disclosure. This policy governs the use and disclosure of PHI so that only the minimum amount of PHI is used when needed.
The scope of this policy is all workforce members of 51Թ’s health care component. 51Թ is a hybrid entity. Only the health care component (i.e., the covered functions) of 51Թ must comply with this policy. All references in this policy to “51Թ” shall be construed to refer only to the health care component of 51Թ.
PUNet ID required to review
Updated April 2023