New Resource About HIPAA Privacy Rule Requirements and Fundraising
The Federal Privacy Rule that implements the Health
Information and Portability and Accountability Act (HIPAA) contains
to the use of protected health information in fundraising activities. In
light of the importance to AAMC members of both fundraising and
with the HIPAA requirements, the Privacy Workgroup of the AAMC's
Compliance Officers' Forum (COF)—composed of privacy officers from AAMC
institutions-issued an Advisory on the topic, When Federal Privacy Rules and Fundraising Desires Meet: An Advisory on the Use of Protected Health
Information in Fundraising Communications. The Advisory incorporates comments from selected development officers from the Group on Institutional
The first section of the Advisory provides answers to common questions about HIPAA requirements and fundraising in a Question and Answer format. The second section offers an in-depth discussion and more detailed information, and includes suggested templates for communicating with patients, cites to federal statutes and regulations, and relevant HIPAA definitions.
In reviewing the Advisory and considering the suggestions it contains, each institution should consider its own compliance environment and State privacy requirements, and seek specific legal advice from counsel as appropriate.
The Advisory PDF is available here.
If you have questions about the Advisory, please contact Ivy Baer, senior director and regulatory counsel, at email@example.com or (202) 828-0499.