CMIA Requires Annual Authorization for Specific Disclosures of PHI

October 18, 2024
OSHA Review
California Dental Regulation, Dental Bytes, OSHA Review

The California Medical Information Act (CMIA), which differs slightly from the Federal Health Insurance Portability and Accountability Act (HIPAA), was updated in 2004 to require healthcare providers to obtain annual written authorization from a patient for certain disclosures of protected health information (PHI). Specifically, the following uses and disclosures of PHI require a signed patient authorization, which must be renewed annually:

Uses or disclosures related to psychotherapy records
Disclosures during marketing activities
Disclosures involving the sale or licensing of PHI
Use of PHI for research purposes

Once a patient has signed the authorization, the dental provider must provide instructions on how to access a copy or digital version of the signed authorization. Regarding the use and disclosure of PHI, dental providers must always make reasonable efforts to use or disclose only the “minimum necessary” PHI to accomplish the intended purpose of the use or disclosure.

For our subscribers of OSHA Review… for more information on HIPAA Compliance, please refer to the July/August 2022 Training Document in Section X of your OSHA Review binder. A sample Notice of Privacy Policy, a HIPAA plan template form, a sample business associate contract, breach documentation, and a HIPAA security risk analysis checklist are available from OSHA Review’s website.

CMIA Requires Annual Authorization for Specific Disclosures of PHI

OSHA Review

OSHA Review’s Spore Check System

SUV Ultra 5 Disinfectant & Cleaner

SUV Ultra Disinfecting Wipes

OSHA Review Compliance Program

OSHA Review © Dosimetry Monitoring Service

Sign up to receive our latest news & events

Share This

OSHA Review

Related Posts

Sign up to receive our latest news & events