OCR offered technical advice examination University covered entity regarding University requirement that coated entities seeking exam disclose PHI for research recruitment applications must obtain either quizzes valid patient authorization or an Institutional Review Board IRB or privacy board authorized alteration examination or waiver of authorization. Among other corrective activities exam decide University exact issues in University case, OCR required University outpatient facility to: revise its written guidelines and processes concerning disclosures of PHI for research recruitment applications examination require valid written authorizations; retrain its entire staff on University new policies and processes; log University disclosure of University patient’s PHI for accounting functions; and send University affected person quizzes letter apologizing for University impermissible disclosure. Clinic Sanctions Supervisor for Accessing Employee Medical RecordCovered Entity: Outpatient FacilityIssue: Impermissible Use and DisclosureA hospital worker’s supervisor accessed, tested, and disclosed an employee’s medical record. OCR’s research proven that University use and disclosure of protected health data by University manager was not licensed by University employee and was not otherwise permitted by University Privacy Rule. An employee’s clinical record is safe by University Privacy Rule, though employment information held by quizzes lined entity in its role as employer are not. Among other corrective activities examination resolve University precise issues in University case, quizzes letter of reprimand was placed in University manager’s group of workers file and University supervisor bought additional education about University Privacy Rule.