Under HIPAA, which one of the following statements is true regarding the release of
PHI by covered entities to business associates?
A. Covered entities are responsible for the use of PHI made by business associates.
B. Covered entities aren’t allowed to release PHI (identifiable or de-identified) to
business entities.
C. Covered entities must require adequate assurances in writing that business
associates will adequately safeguard PHI.
D. Once a covered entity releases information to a business associate, the associate
may disclose that information to other entities.
B
3 answers
I think B is correct.
anser is c
C
Department of Health and Human services site.
Department of Health and Human services site.