Which of the following types of information would an organization generally NOT be required to disclose to law enforcement?
Which of the following types of information would an organization generally NOT be required to disclose to law enforcement?
A . Information about medication errors under the Food, Drug and Cosmetic Act
B . Money laundering information under the Bank Secrecy Act of 1970
C . Information about workspace injuries under OSHA requirements
D . Personal health information under the HIPAA Privacy Rule
Answer: D
Explanation:
The HIPAA Privacy Rule generally prohibits covered entities and business associates from disclosing protected health information (PHI) to law enforcement without the individual’s authorization, unless one of the exceptions in 45 CFR § 164.512 applies. These exceptions include disclosures required by law, disclosures for law enforcement purposes, disclosures about victims of abuse, neglect or domestic violence, disclosures for health oversight activities, disclosures for judicial and administrative proceedings, disclosures for research purposes, disclosures to avert a serious threat to health or safety, disclosures for specialized government functions, disclosures for workers’ compensation, and disclosures to coroners and medical examiners. None of these exceptions apply to the type of information in option D, which is personal health information that is not related to any of the above purposes. Therefore, an organization would generally not be required to disclose such information to law enforcement under the HIPAA Privacy
Rule.
Reference:
https://www.justice.gov/opcl/overview-privacy-act-1974-2020-edition/disclosures-third-parties
https://bing.com/search?q=information+disclosure+to+law+enforcement
https://hipaatrek.com/law-enforcement-hipaa-disclosing-phi/
Latest CIPP-US Dumps Valid Version with 150 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund