For a better experience, click the Compatibility Mode icon above to turn off Compatibility Mode, which is only for viewing older websites.

Decedents

Drexel University Clinical Covered Entities
Privacy Program Policies and Procedures

Policy Title: Decedents
Policy Number: IM-25
Effective Date: September 23, 2013
Last Revision: September 1, 2017
Responsible Officer: Vice President, Chief Compliance, Privacy and Internal Audit Officer

Table of Contents

Applicability

This policy applies to all Covered Entities within Drexel University.

Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.

I. Purpose

To clarify authorization rights for deceased patients.

II. Policy

Drexel University (DU) will extend the HIPAA privacy obligations to deceased patients' protected health information for a period of fifty (50) years following a patient's death. Following a patient's death, DU may disclose the decedent's protected health information to the decedent's family members and to other persons who were either involved in the decedent's care or payment for care prior to death, unless doing so is inconsistent with a prior expressed preference of the decedent that was known to DU.

III. Procedure

During a patient's care, to the extent communicated to DU personnel, DU personnel shall document in a patient's medical record any patient preference restrictions regarding disclosures by DU to family members or others involved in the patient's care or payment for care following death.

 Back to Top