Georgia HIPAA Laws: An Overview

Georgia HIPAA Laws

Healthcare providers subject to HIPAA in Georgia are also subject to Georgia state laws providing for privacy and security of medical data. Georgia HIPAA laws differ slightly from the federal HIPAA law in several aspects. Georgia HIPAA laws are discussed below.

Georgia HIPAA Laws: HIPAA Authorization Form Georgia

The HIPAA Authorization Form rule requires that providers obtain written patient authorization before certain uses and disclosures of protected health information (PHI) can be made. 

There is no special language for a “HIPAA Georgia Authorization Form.” A form developed the HIPAA Privacy Rule is valid in Georgia, provided it contains specific core HIPAA elements. 

These elements include:

  • A description of the specific information to be used or disclosed
  • The name or other specific identification of the person(s), or class of persons, authorized to make the requested use or disclosure
  • The name or other specific identification of any third parties (persons or classes of persons) to whom the covered entity may make the requested use or disclosure
  • A description of each purpose of the requested use or disclosure 
  • An expiration date or an expiration event that relates to the individual or the purpose of the use or disclosure
  • The signature of the individual and the date 

Georgia HIPAA laws, like federal HIPAA, require written patient authorization for otherwise prohibited uses and disclosures. In Georgia, one instance where written authorization must first be obtained is when a patient makes an application for benefits under the Georgia Crime Victims Compensation Program. This requirement is unique to Georgia HIPAA laws. 

Georgia runs the program on the state level without federal assistance. The Georgia Crime Victims Compensation Program (GCVCP) assists crime victims with expenses they incurred due to a violent crime. Submitting a HIPAA Georgia written patient authorization form (also called a Georgia HIPAA medical release form) is part of the benefits application process. 

Under Georgia HIPAA laws, a patient must provide specific written authorization for the following disclosures:

  1. Information regarding the diagnoses or treatment of HIV/AIDS
  2. Information regarding the diagnoses or treatment of sexually transmitted diseases
  3. Information regarding drug and/or alcohol abuse diagnoses or treatment
  4. Information regarding diagnoses of mental illness
  5. Information regarding psychiatric treatment 

Let’s Simplify Compliance

Do you need help with HIPAA? Compliancy Group can help!

Learn More!
HIPAA Seal of Compliance

Georgia HIPAA Privacy Rule vs. Federal HIPAA Privacy Rule

HIPAA has special rules covering who can request the PHI of someone who has died. 

Under HIPAA, a covered entity may disclose a deceased person’s PHI to any of the following personal representatives: