Employees and others     DP161.8    In the event that the identity and legal authority of an individual or entity
         with Access to PHI                  requesting PHI cannot be verified, personnel will refrain from disclosing the
                                             requested information and report the case to the Area Chief and Director of
                                             Information Technology, Privacy and Data Security in a timely manner.
         Employees and Others     DP161.9    The organization will take necessary steps to verify the identity and legal
         with Access to PHI                  authority of persons requesting disclosure of PHI.
         Employees and others    DP161.10    In verifying the identity and legal authority of a public official or a person acting
         with Access to PHI                  on behalf of the public official requesting disclosure of PHI, the organization staff
                                             may rely on the following, if such reliance is reasonable under the circumstances,
                                             when disclosing PHI: documentation, statements, or representations that, on
                                             their face, meet the applicable requirements for a disclosure of PHI.






































































          GES CONFIDENTIAL                                                                                   65