Skip main navigation
Close Drawer MenuOpen Drawer Menu
APA Publishing Logo

The American Psychiatric Association (APA) has updated its Privacy Policy and Terms of Use, including with new information specifically addressed to individuals in the European Economic Area. As described in the Privacy Policy and Terms of Use, this website utilizes cookies, including for the purpose of offering an optimal online experience and services tailored to your preferences.

Please read the entire Privacy Policy and Terms of Use. By closing this message, browsing this website, continuing the navigation, or otherwise continuing to use the APA's websites, you confirm that you understand and accept the terms of the Privacy Policy and Terms of Use, including the utilization of cookies.

×
Back to table of contents
Government NewsFull Access

What Is Consent? What Is Authorization?

Published Online:6 Sep 2002https://doi.org/10.1176/pn.37.17.0033

The final version of the HIPAA privacy rule on medical-record confidentiality uses the terms “consent” and “authorization,” which in the context of the federal rule are not interchangeable.

Consent refers to the patient’s giving permission for electronic medical records to be released to third parties involved in treatment, utilization review, insurance payment, quality assurance, and continuity of care.

Authorization is required for all other uses to which a patient’s medical records may be put. These include some marketing efforts, for example, or release of records to a patient’s attorney in conjunction with a legal proceeding.

Physicians cannot make treatment provision conditional on receiving a patient’s authorization; they can, however, make it conditional on receiving a patient’s consent. Patients have the right to revoke consents and authorizations they have given.