Estate Planning Glossary

HIPAA authorizationn.

also known asHIPAA release, medical records authorization

Reviewed by Owen Hathaway, AttorneyUpdated June 1, 2026

A signed permission that lets named people receive a person's protected health information. Without it, even a chosen agent can be stonewalled by privacy rules.
Under HIPAA’s Privacy Rule, health-care providers cannot release a person’s protected health information to outside parties without written consent. A HIPAA authorization is that consent: a signed document that overrides those restrictions and directs providers to release records to specifically named people.
It complements a medical power of attorney: the power names who decides, while the HIPAA authorization ensures that person, and others the individual chooses, can actually access the records needed to decide.

Colorado & Wyoming notes

HIPAA is federal (45 C.F.R. Parts 160 and 164) and applies identically in Colorado and Wyoming. Neither state has a specific health care privacy statute. A standalone authorization is useful even where an agent is named, because it can reach people who are not health-care agents.

Related terms

advance directive
An umbrella term for legal documents that record health-care wishes and treatment instructions before a crisis, covering scenarios from temporary incapacity to persistent vegetative state to end of life.

← Back to Blog