Please consider making a donation to keep this project's resources available at no cost to the public. Your donation will support new research, updates to current resources, and website maintenance for HealthInfoLaw.org.
Duty of covered entities – Ohio Rev. Code Ann. § 3798.03
Link to the law
This will open in a new window
Current as of June 2015
This will open in a new window
This section applies to covered entities as they are defined in the HIPAA administrative regulation provisions (at 45 C.F.R. § 160.103).
A covered entity must provide an individual or the individual's personal representative with access to any of the individual's protected health information that is maintained in a designated record set consistent with the access requirements of HIPAA (at 45 C.F.R. § 164.524). A covered entity must also implement and maintain appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information in a manner consistent with HIPAA requirements (as 45 C.F.R. § 164.530(c)).
Current as of June 2015
.png)