Regarding a person who has been deceased for more than 50 years.<\/li>\n<\/ol>\nHIPAA rules protect most PHI held or transmitted by a covered entity or its business associate, in any form or medium, whether electronic, on paper, or oral. \nPHI is information, including demographic information, which relates to the individual's past, present, or future physical or mental health or condition, the provision of health care to the individual, or the past, present, or future payment for the provision of health care to the individual. For example, PHI includes name, address, birth date, Social Security Number, a medical record, laboratory report, or hospital bill. However, reporting or aggregating data that cannot be used to individually identify a person would not be considered PHI.",
"Abbreviations": ["PHI"],
"Name": "Protected Health Information"
},
{
"Definition": "Information, that may be individually identifiable health information, and that summarizes the claims history, claims expenses, or type of claims experienced by individuals.",
"Name": "Summary Health Information"
},
{
"Definition": "The U.S. Department of Health and Human Services' (HHS) mission is to enhance and protect the health and well-being of all Americans by providing for effective health and human services and fostering advances in medicine, public health, and social services.",
"Abbreviations": ["HHS"],
"Name": "U.S. Department of Health and Human Services"
}
],
"ConformanceCriteriaPreface": "The criteria apply to descriptions of uses and disclosures of protected health information in the privacy notice provided to individuals by the covered entity.\n\n
\nThe following are exceptions to an individual's right to adequate notice of the uses and disclosures of PHI that may be made by the covered entity, and of the individual's rights and the covered entity's legal duties with respect to PHI:\n
\n- Group health plans that do not create or receive PHI other than summary health information (see Section 164.520(a)(2) for additional details); and <\/li>\n
- An inmate does not have a right to notice under this section, and the requirements of this section do not apply to a correctional institution that is a covered entity.<\/li>\n<\/ol>",
"$Type": "TrustmarkDefinition",
"Sources": [{
"Identifier": "HIPAA-Privacy-Rule",
"Reference": "HIPAA Privacy Rule, published by U.S. Dept of Health and Human Services, HIPAA Administrative Simplification Regulation Text 45 CFR Part 160 and subparts A and E of Part 164, available at http://www.hhs.gov/hipaa/for-professionals<\/a>",
"$id": "source-1080565857"
}]
}