Ohio Admin. Code 5160:1-2-05 - Medicaid: notice of privacy practices

(A) The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law requiring the administrative agency to issue a notice of privacy practices.

(B) The administrative agency shall:

(1) Ensure appropriate safeguards are taken in accordance with rule 5160-1-32 of the Administrative Code.

(2) Issue a notice of privacy practices to all individuals eligible through the for medical assistance, programs a notice of privacy practices, as described in 45 C.F.R. 164.520 (as in effect October 1, 2016 2023), outlining all of the following descriptions of uses, and disclosures, and procedures:

(a) A description of the types of uses and disclosures of protected health information (PHI) the administrative agency is permitted with examples for each of the following purposes:

(i) Payment; and

(ii) Treatment; and

(iii) Healthcare operations.

(b) A description of the uses and disclosures permitted without the individual's written consent or authorization; .

(c) A statement that other uses and disclosures will be made only with the individual's written authorization; .

(d) Complaint procedure; .

(e) Request for restriction procedure; .

(f) Request for amendment procedure; .

(g) Request for accounting procedure; and .

(h) A name, or title, and telephone number of a person or office to contact for further information.

Notes

Ohio Admin. Code 5160:1-2-05

Effective: 1/1/2024
Five Year Review (FYR) Dates: 10/12/2023 and 01/01/2029
Promulgated Under: 111.15
Statutory Authority: 5162.031, 5163.02
Rule Amplifies: 5162.031, 5163.02
Prior Effective Dates: 10/01/1998, 10/06/2003, 11/01/2009, 01/01/2014, 01/01/2017