Sentences with phrase «authorization requirement rule»
This consent order concerns violations by Swift Jet, Inc., (Swift Jet) of 14 CFR 212.9 (b), the Department's prior authorization requirement rule for foreign air carriers.
https://www.transportation.gov/ Not exact matches
In addition to any other requirements or restrictions set forth in this Agreement, you shall not: (i) utilize the credit available on any Card to provide cash advances to Cardholders, (ii) submit any card transaction for processing that does not arise from your sale of goods or service to a buyer customer, (iii) act as a payment intermediary or aggregator or otherwise resell our services on behalf of any third party, (iv) send what you believe to be potentially fraudulent authorizations or fraudulent card transaction, or (v) use your Merchant Account or the Service in a manner that Visa, MasterCard, American Express, Discover or any other Payment Network reasonably believes to be an abuse of the Payment Network or a violation of Payment Network rules.
In addition, the final rule allows a covered health care provider or health plan to use or disclose protected health information pursuant to an authorization that was approved by a single IRB or privacy board, provided the authorization met the requirements of § 164.508.
Response: We agree with this concern and clarify that covered entities are permitted to use protected health information in this manner without authorization as part of the management activities relating to implementation of and compliance with the requirements of this rule.
We discuss the examples here, however, to clarify the interaction of the authorization requirements and the provisions of the rule that permit uses and disclosures without authorization and / or with consent.
We want to be clear, however, that covered entities will be in compliance with this rule if they use or disclose protected health information pursuant to an authorization that meets the requirements of § 164.508.
In order to make uses and disclosures that are not covered by the consent requirements and not otherwise permitted or required under the final rule, covered entities must obtain the individual's «authorization.»
The final rule makes the following modifications to the NPRM's proposed documentation requirements for the waiver of individual authorization:
Response: We retain the requirement for covered entities to obtain authorization for all uses and disclosures of protected health information that are not otherwise permitted or required under the rule without authorization.
Comment: Some commenters complained that the absence of a definition for disease management created uncertainty, in view of the proposed rule's requirement to get authorization for marketing.
Other commenters complained that the absence of a definition for disease management created uncertainty in view of the proposed rule's requirement to get authorization for marketing.
One contract specifies that the issuer may use and disclose protected health information about the participants in the group health plan for research purposes without authorization (subject to the requirements of this rule) and one contract specifies that the issuer must always obtain authorizations for these uses and disclosures.
However, a covered entity will need to obtain an authorization that meets the requirements of § 164.508, to the extent that it is required to obtain an authorization under this rule, from an individual before it may use or disclose any protected health information it creates or receives after the date by which it must comply with this rule.
The final rule retains these requirements for research conducted with authorization, as required by § 164.508.
Response: We agree with the comment supporting the proposed rule's provision to impose no requirements for the location or sponsorship of the IRB or privacy board that was convened to review a research proposal for the alteration or waiver of authorization criteria.
The board that would determine whether the research protocol met the eight specified criteria for waiving the patient authorization requirements (described above), could have been an IRB constituted as required by the Common Rule, or a privacy board, whose proposed composition is described below.
In some cases, our rules may demand additional requirements, such as obtaining the approval of a privacy board or Institutional Review Board if a covered entity seeks to disclose protected health information for research purposes without the individual's authorization.
Response: For the reasons explained above, we retain in the final rule a requirement that a separate authorization must be obtained for most uses or disclosures of psychotherapy notes, including those for treatment, payment, and health care operations.
Another commenter recommended that the authorization requirement for disclosure of financial gain be defined in accordance with FDA's financial disclosure rules.
Response: Because of the myriad of types of forms that could meet these requirements and the desire to encourage covered entities to develop forms that meet their specific needs, we do not include a model authorization form in the final rule.
We believe that the research authorization requirements of § 164.508 (f) complement the Common Rule's requirement for informed consent.
While the privacy rules have requirements that are somewhat different, the program may use notice and authorization forms that include all the elements required by both regulations.
Comment: In addition to the proposed waiver criteria, several commenters recommended that the final rule also instruct IRBs and privacy boards to consider the type of protected health information and the sensitivity of the information to be disclosed in determining whether to grant a waiver, in whole or in part, of the authorization requirements.
The requirement also did not apply to uses and disclosures made: pursuant to the compliance and enforcement provisions of the rule; as required by law and permitted by the regulation without individual authorization; by a covered health care provider to a health plan, when the information was requested for audit and related purposes.
Some of the proposed requirements for authorization were modified in the final rule as discussed in the preamble on § 164.508.
In the final rule, we permit a covered entity to rely upon such consent, authorization, or permission to use or disclose protected health information that it created or received before the applicable compliance date of the regulation to carry out the treatment, payment, or health care operations as long as it meets two requirements.
The final Security Rule will detail the system and administrative requirements that a covered entity must meet in order to assure itself and the Secretary that health information is safe from destruction and tampering from people without authorization for its access.
As under the proposed rule, we permit covered entities to use or disclose protected health information without the individual's consent, authorization or agreement for specified Start Printed Page 82499public policy purposes, in compliance with the requirements in § 164.512.
Clearinghouses acting as business associates are not subject to the other requirements of this rule, which include the provisions relating to procedural requirements, requirements for obtaining consent, individual authorization or agreement, provision of a notice, individual rights to request privacy protection, access and amend information and receive an accounting of disclosures and the administrative requirements.
Our intent is to clarify that a covered entity that uses or discloses protected health information pursuant to an authorization meeting the applicable requirements will be in compliance with this rule.
Section 1001.354 of the Texas Education Code contains the basic authorization for an alternative delivery method (ADM) of a driving safety course, and the requirements that are applicable to all driving safety courses (including ADMs) are in TDLR's rules in Title 16 of the Texas Administrative Code Chapter 84.
Consequently, because statutes and rules in each state provide a scope of practice for CNAs and medication aides or assistants, and establish the educational and examinational requirements for these personnel, medical assistants will be given authorization to work clinically in these inpatient environments only if they meet the legal requirements and actually become nursing assistants or medication aides.