The U.S. Department of Health and Human Services, Office for Civil Rights (OCR) recently released a bulletin, HIPAA Privacy in Emergency Situations, reminding covered entities and their business associates that the protections of the HIPAA Privacy Rule are not set aside during an emergency.  OCR explains that Privacy Rule is balanced to ensure that appropriate use and disclosures of protected health information (PHI) may still be made when necessary to treat a patient, protect the nation’s public health, and for other critical purposes.  The bulletin further details the HIPAA Privacy Rule provisions which may allow covered entities and business associates to use or disclose PHI during an emergency.