DEFINITION of 'HIPAA Waiver of Authorization'
A legal document that allows an individual’s health information to be used or disclosed to a third party. The waiver is part of a series of patient-privacy measures set forth in the Health Insurance Portability and Accountability Act (HIPAA) of 1996.
BREAKING DOWN 'HIPAA Waiver of Authorization'
Healthcare privacy has come into increased focused in the digital age; it is much easier for doctors to transmit patient health information via the Internet than it was when records had to be mailed or faxed. The HIPAA Waiver of Authorization allows doctors to provide information on a patient’s health to third parties, such as researchers, attorneys, other doctors or family members.
Patient information covered under HIPAA, called protected health information (PHI), is information that can be linked to a specific individual, and is held by a covered entity, such as a health insurer, healthcare provider or healthcare clearinghouse.
In order for a HIPAA waiver to be approved for research purposes, three criteria for the use of private health information must be met: the health information to be disclosed must present a minimal risk to the privacy of the disclosing party; the researchers must ensure that research activities could not be undertaken without the information; and the research could not be practicably conducted without the waiver.
Should a family member attempt to bypass HIPAA rules through the use of an attorney, usually in the event of a medical emergency, the patient must have already outlined in his/her power of attorney for healthcare that he/she expressly waives the protection offered by HIPAA and allows the specifically designated "personal representative" to know his/her otherwise private health information.