42 CFR Part 2 Compliance Checker
42 CFR Part 2 provides federal protections for patients receiving treatment for substance use disorders (SUD). These regulations restrict the disclosure and re-disclosure of SUD treatment records and require specific patient consent procedures that go beyond HIPAA's general provisions. This tool assesses your organization's adherence to consent management, qualified service organization agreements (QSOAs), re-disclosure prohibitions, audit controls, and court-order handling.
Progress: 0/22
Patient Consent & Authorization
0/5Qualified Service Organization Agreements
0/4Re-Disclosure Restrictions
0/4Audit & Record Keeping
0/4Court Orders & Legal Exceptions
0/5Patient Consent & Authorization
Assessment of consent processes specific to substance use disorder records under 42 CFR Part 2.
Q1
Do you obtain written patient consent that meets all 42 CFR Part 2 requirements (name of patient, purpose, recipient, specific information to be disclosed, expiration date, right to revoke) before disclosing any SUD treatment records?
Q2
Are patients informed of their right to revoke consent at any time, and do you have a documented process to immediately cease disclosures upon revocation?
Q3
Does your consent form specify each individual or entity that will receive SUD records, rather than using blanket or open-ended recipient designations?
Q4
Do all consent forms include a defined expiration date or condition, and do you track and enforce expiration so that disclosures stop automatically?
Q5
Do you maintain a separate, secured consent repository that tracks all active, expired, and revoked 42 CFR Part 2 consents with a full audit trail?
VertiComply
Build HIPAA-compliant healthcare applications with AI-powered code generation.
Product
Features
Pricing
Tools
Company
About
Blog
Contact
Legal
Privacy
Terms
Compliance
© 2026 VertiComply. All rights reserved.
SOC 2 Type II Certified | HIPAA Compliant