Sec. 9.8. Disclosure of limited data sets and de-identified information.
182 words·~1 min read·
/il/chapter-410/act-305/9-8A research copy — for the controlling text, always check the official state or federal source. Not legal advice.
Sec. 9.8. Disclosure of limited data sets and de-identified information. Notwithstanding the provisions of Sections 9 and 10 of this Act:
(1)a covered entity may, without a patient's consent, create, use, and disclose a
limited data set using HIV-related information from a patient's record or disclose HIV-related information from a patient's record to a business associate for the purpose of establishing a limited data set; the creation, use, and disclosure of such a limited data set must comply with the requirements set forth under HIPAA;
(2)a covered entity may, without a patient's consent, create, use, and disclose
de-identified information using information from a patient's record that is subject to this Act or disclose HIV-related information from a patient's record to a business associate for the purpose of de-identifying the information; the creation, use, and disclosure of such de-identified data must comply with the requirements set forth under HIPAA. A covered entity or a business associate may disclose information that is de-identified; and
(3)the recipient of de-identified information shall not re-identify de-identified
information using any public or private data source.