Harmful Effect Mitigation, v1.0
Specifies that a covered entity must have policies and procedures to mitigate, to the extent practicable, any harmful effect that is known to the covered entity of a use or disclosure of protected health information.
A covered entity that is a group health plan is not subject to the standards or implementation specifications in this trustmark, but see Section 164.530(k) for specific exclusions.
Assessment Step
1
Harmful Effect Mitigation (HarmfulEffectMitigation)
Does the covered entity have policies and procedures to mitigate, to the extent practicable, any harmful effect that is known to the covered entity of a use or disclosure of protected health information in violation of its policies and procedures or the requirements of Section 164.500-599 by the covered entity or its business associate?
Artifact
A1
Provide evidence (e.g. organizational policies, procedures, compliance/assessment reports, etc.) that support the assessor's response to this assessment step.
|
Conformance Criteria (1)
Mitigate Harmful Effect
The covered entity must mitigate, to the extent practicable, any harmful effect that is known to the covered entity of a use or disclosure of protected health information.
Citation
HIPAA-Privacy-Rule
45 CFR Section 164.530(f)
|