A tear-jerking scenario: Family members coerce doctors to disclose information with them about a cherished one’s medical condition or therapy possibilities. Hence, the first question to ask, “Do they have a HIPAA compliant authorization form?” Because unless the patient has authorized, his PHI is not to be shared with anyone.

What is a HIPAA compliant authorization form?

The HIPAA privacy rules outline the prohibition of any HIPAA-covered entity and their business associates from revealing protected health information without a legitimate HIPAA authorization signed by the patient (or the patient’s representative).

HIPAA compliant authorization forms or HIPAA authorization forms/HIPAA release forms are written documents that permit you to allow another person access to your health information in case you’re unable to provide consent. You can select what medical records will be shared with the expressed individuals on the form.

Let us answer a few common questions here, shall we?

Do HIPAA release forms need to be notarized?

Apparently, the Privacy Rule of HIPAA does not necessitate that authorization forms be notarized or discerned.

Why would I need a medical records release authorization form?

Your medical records are not for the public interest. I’ve watched many shows where an Executive Officer was dismissed from a position when his mental treatments from a psychologist were unfairly disclosed by an inattentive nurse. That is why it is important to have an authorized consent form — and HIPAA compliant at that!

None of that would have happened if an authorization form is asked before the release of medical records. If the CEO had the signed consent, he could legally sue the hospital and the assailants.

What types of PHI does HIPAA require a signed authorization?

All protected health information requires signed authorization. There is no health-related info that can be disclosed without consent. This may humiliate the patients and ruin the reputation of medical providers.

What happens if a patient refuses to sign a HIPAA compliant authorization form?

Your patients can choose whether or not to sign. Those concerned about privacy violations should understand that HIPAA has rules in place to protect their information or review earnestly the form.

An authorization form includes the following:

  1. A description that provides sufficient insight into the subject matter
  2. The name of the one entitled to make the disclosure.
  3. The name or other identification of the person receiving the information.
  4. The statement specifying each purpose of the disclosure like ‘upon the request by the individual’.
  5. An expiration date related to the person or validity of the form.
  6. Statements pertaining to the patient’s privilege to revoke authorization.
  7. The signature of the individual or the individual’s representative (someone with authority to make health care decisions on behalf of the individual) and the date.
patient HIPAA authorisation form
A sample authorization form made with EmailMeForm.


Refusal to sign an Acknowledgement and Consent Form does not prevent a provider from using or exposing health information as HIPAA allows so long as the health provider maintains a record of this fact. For instance, doctors may share patient’s records for further evaluation, consultation, or referral.

On HIPAA compliant authorization form

Still doubtful if you need a HIPAA-compliant authorization form? HIPAA implementation gives enhanced protection to patients but patients must also consider the challenges of obtaining the release form.

Guardians of sick patients should naturally possess an authorization form especially when your patient is ‘too ill’ to visit physicians.

Here at EmailMeForm, you can create a HIPAA compliant authorization form in just a few clicks. You are creating with confidence and collect (or even exchange info) compliantly.

Create HIPAA release form

Author Jennifer Poblete

Jennifer Poblete

Jennifer is an electronics engineer who loves writing as much as she loves numbers. She enjoys eating and a slice of pizza makes her happy.

As education transitioned into the digital age, schools have an increased responsibility to safeguard their students’ data.

Schools’ digital responsibility to ensure student data privacy

You’ve chosen our form builder. But are you using the safety features?

5 Killer Form Hacks to Make Your EmailMeForm Safer

Don’t fall victim to data theft or online fraud. Keep online transaction processing safe.

Cybersecurity Tips: Managing Your Business Finances Online

Contactless tools for business solutions.

Smart Workflows Tool

More blog posts