A State insurance commissioner is requesting specific, individually identifiable information from an insurer as a part of a routine review of the insurer's practices. What must the insurer do to deidentify the information?
A.
The protected health information must be removed from the information. A substitute "key" may be supplied to allow re-identification, if needed.
B.
Limit the information to coverage, dates of treatment, and payment amounts to avoid collecting any protected data.
C.
Nothing. An oversight agency has the right to access this information without prior authorization.
D.
Request that the insurance commissioner ask for an exception from HIPAA from the Department of Health and Human Services.
E.
A written authorization is required from the patient.
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit