You can revoke the authorization, but you have to do it in writing. Your ability to revoke an authorization is restricted if a covered entity has taken action in reliance on the authorization or if the authorization was obtained as a condition of obtaining insurance coverage.
Roadmap: Patient’s Guide to HIPAA: Part 3: What You Should Know about Uses and Disclosures (FAQ 64 of 65)
The short answer is no, but the correct and longer answer is more complicated. Let’s go through it step by step.
Roadmap: Patient’s Guide to HIPAA: Part 3: What You Should Know about Uses and Disclosures (FAQ 65 of 65)
Let’s start with the basics. What’s a breach? A breach is impermissible use or disclosure under the Privacy Rule that compromises the security or privacy of PHI. The full definition of what is and is not a breach is too complicated for this FAQ. In general, if a covered entity has a qualifying breach, it will send you a notice to let you know. The notice will include details about the breach and advice about what you should do to protect yourself.