RESUMO
This Article examines and proposes solutions for the following compliance problems under the Health Information Portability and Accountability Act's Privacy Rule: (a) determining compliance requirements when multiple provisions of the Privacy Rule allow a use or disclosure of protected health information; (b) managing minimum necessary for disclosures to noncovered entities; (c) managing interaction between organized healthcare arrangements and noncovered providers; (d) processing joint health and life/disability insurance applications; (e) reconciling family coverage explanations of benefits and family member's confidential communication demands; and (f) explaining denial of protected health information access based on endangerment. In the course of the analysis, the Article presents a Privacy Rule Compliance Tool that summarizes the compliance requirements associated with each Privacy Rule provision that allows protected health information use or disclosure.