1. Purpose
This policy designates [insert name of legal entity] (the “Organization”) as a hybrid entity under the Health Insurance Portability and Accountability Act (HIPAA).
2. Policy Statement
This statement designates the ACCOUNT_JOB_COMPANY as a Hybrid Entity under HIPAA and formally designates those Health Care Components required to comply with the HIPAA Rules.
Only Health Care Components, designated as such under this policy, are required to comply with the HIPAA Rules and only Health Care Components have the right to use, maintain, access, or transmit Protected Health Information.
By adopting hybrid entity status, non-covered entity departments possessing individual health care information are not subject to those notification requirements for a breach of Protected Healthcare Information ("PHI") under HIPAA.
All definitions defined in HIPAA or other pertinent laws and regulations shall be as defined in the HIPAA or other laws or regulations.
3. Designation of HealthCare Components
The following units are designated as the Health Care Components:
COVERED_COMPONENTS
4. Designation of the Non-Health Care Component
The Organization designates the following units as the Non-Health Care Component. These components are exempt from HIPAA regulations
NON_HEALTHCARE
5. Limitations on Disclosure of PHI to Non-Health Care Components
........................................