BCCC 2024 Domain 2

Not legally required

A legal requirement under common law

Necessary only if the patient is a minor

A legal requirement under the privileged communication statute

Not required to provide access under any circumstances

Required to provide access within a reasonable time frame as per HIPAA regulations

Only required to provide access if the patient can prove need

Required to provide access but only to a summary of the records

Only the minimum necessary information be shared for the purpose of the disclosure

All patient information be shared upon request

Information can only be shared with the patient's explicit consent for each piece of information

No information is shared unless it is a life-threatening situation

Not necessary under any circumstances

Recommended but not required by HIPAA

A requirement under HIPAA for all electronic communication

Only required when sending information internationally

Redisclosure policies

Legal policies

Disclosure policies

Retention policies

Share all patient information with any inquiring party

Protect patient information from unauthorized access

Disclose patient information without consent in non-critical situations

Only protect digital patient records, not paper ones

Ensure compliance with billing practices

Track changes and access to patient records for security purposes

Monitor the health status of patients remotely

Facilitate the sharing of patient information across different healthcare providers

Incomplete or inaccurate

Too detailed

Fully accurate

Shared with their consent

The Centers for Medicare and Medicaid Services

The Office of the National Coordinator for Health Information Technology

The HHS Office of Civil Rights

The HHS Office of the Inspector General

Mandatory for all healthcare providers regardless of size

Only required for healthcare providers with more than 50 employees

Optional but recommended

Only necessary for hospitals and large clinics