§ 164.514(d)(4)(ii)—§ 164.514(d)(4)(ii)
>Control Description
For a request that is made on a routine and recurring basis, a covered entity must implement policies and procedures (which may be standard protocols) that limit the protected health information requested to the amount reasonably necessary to accomplish the purpose for which the request is made.
>Cross-Framework Mappings
Ask AI
Configure your API key to use AI features.