FAQs Categories

Authorizations (30)
Business Associates (41)
Compliance Dates (2)
Covered Entities (14)
Decedents (8)
Disclosures for Law Enforcement Purposes (7)
Disclosures for Rule Enforcement (2)
Disclosures in Emergency Situations (2)
Disclosures Required by Law (6)
Disclosures to Family and Friends (28)
Disposal of Protected Health Information (6)
Facility Directories (7)
Family Medical History Information (3)
FERPA and HIPAA (10)
Group Health Plans (3)
Health Information Technology (41)
Incidental Uses and Disclosures (10)
Judicial and Administrative Proceedings (8)
Limited Data Set (5)
Marketing (18)
Marketing - Refill Reminders (16)
Mental Health (35)
Minimum Necessary (14)
Notice of Privacy Practice (20)
Personal Representatives and Minors (12)
Preemption of State Law (10)
Privacy Rule: General Topics (12)
Protected Health Information (2)
Public Health Uses and Disclosures (13)
Research Uses and Disclosures (20)
Right to Access and Research (58)
Right to an Accounting of Disclosures (8)
Right to File a Complaint (1)
Right to Request a Restriction (2)
Safeguards (13)
Security Rule (25)
Smaller Providers and Businesses (145)
Student Immunizations (8)
Telehealth (11)
Transition Provisions (3)
Treatment, Payment, and Health Care Operations Disclosures (30)
Workers Compensation Disclosures (5)

May a health information organization (HIO) manage a master patient index on behalf of multiple HIPAA covered entities?

Yes. A HIO may receive protected health information from multiple covered entities, and manage, as a business associate on their behalf, a master patient index for purposes of identifying and linking all information about a particular individual. Disclosures to, and use of, a HIO for such purposes is permitted as part of the participating covered entities’ health care operations under the HIPAA Privacy Rule, to the extent the purpose of the master patient index is to facilitate the exchange of health information by those covered entities for purposes otherwise permitted by the Privacy Rule, such as treatment.

Created 12/15/08

Content created by Office for Civil Rights (OCR)
Content last reviewed on July 26, 2013

FAQs Categories

May a health information organization (HIO) manage a master patient index on behalf of multiple HIPAA covered entities?

Connect With OCR

Office for Civil Rights Headquarters