Skip to Content

Required policies, A.R.S. § 36-3806

Link to the law
This will open in a new window

“Required policies”
Arizona requires health information organizations (HIOs) to establish privacy and security polices that address the rights of individuals regarding their participation in HIOs, the HIO’s notice of health information practices, restrictions on disclosing individually identifiable health information, safeguards for protecting individually identifiable information, the persons responsible for the HIO’s privacy and security procedures, and procedures for training HIO employees on maintaining the privacy and security of individually identifiable health information.