Comprehensive Guide to HIPAA Authorizations for Estate Planning and Probate
HIPAA authorizations are a vital component of modern estate planning and probate matters in Midtown and across Tennessee. These documents allow named individuals to access protected health information when it becomes necessary to make medical decisions or manage health-related affairs for a loved one. A properly drafted HIPAA authorization ensures hospitals, physicians, and other providers can share necessary records with agents designated in a power of attorney or a health care directive. Without clear authorization, family members can face delays, denial of records, or administrative obstacles that complicate decision making during an already stressful time.
This page explains how HIPAA authorizations fit into a comprehensive estate plan and how they interact with other legal documents like durable powers of attorney and advance directives. It also covers practical considerations for selecting authorized individuals, limiting the scope of information released, and setting appropriate expiration or revocation terms. For families in Midtown and nearby communities in Roane County, understanding these protections can prevent information gaps during medical emergencies and streamline coordination between care providers and decision makers responsible for a loved one’s welfare.
Why HIPAA Authorizations Matter in Estate Planning
A HIPAA authorization gives clear legal permission for health care providers to release a person’s medical information to those who need it. In estate planning, this permission supports timely access to medical records that may be necessary for making informed decisions, administering care, or handling end-of-life matters. Families who prepare these authorizations reduce confusion and help avoid delays when physicians require signed consent before discussing treatment or sharing records. Clear authorizations also allow caregivers and agents to coordinate care, verify diagnoses, and obtain necessary documentation for insurance claims and benefits applications.
About Jay Johnson Law Firm and Our Approach to HIPAA Authorizations
Jay Johnson Law Firm serves clients across Tennessee with a focus on estate planning and probate matters, including HIPAA authorizations that protect client privacy while enabling necessary information sharing. Our team assists families in Midtown and Roane County by explaining how HIPAA forms interact with powers of attorney and health care directives, tailoring documents to each client’s needs and circumstances. We emphasize practical drafting that addresses likely scenarios, clear naming of authorized recipients, and sensible limits on duration and scope. Clients appreciate practical guidance and step-by-step support when preparing these important documents.
Understanding HIPAA Authorizations and Their Role
HIPAA authorizations are legal forms that permit health care providers to disclose a person’s protected health information to named individuals or entities. In estate planning, these authorizations complement advance directives and durable powers of attorney by specifically granting permission to obtain medical records and speak with providers. They can be broad or narrowly tailored, allowing clients to choose what types of information are shared and for how long. Properly created authorizations should identify the patient, list authorized recipients, describe the scope of information, and state an expiration or revocation method to ensure clarity for medical staff.
Because HIPAA rules and state law intersect, drafting these authorizations requires attention to both federal privacy standards and how hospitals and clinics implement their policies. Many healthcare institutions will only release records after receiving a completed HIPAA form that meets their requirements, so having properly formatted authorizations available can avoid delay. Families often include multiple copies of the signed form in an estate planning packet and provide copies to primary care providers and hospitals. This preparation helps ensure authorized agents can act promptly when access to records is needed for decision making or benefits claims.
What a HIPAA Authorization Is and How It Works
A HIPAA authorization is a written statement that allows a covered entity, such as a hospital or physician’s office, to disclose an individual’s protected health information to specified persons. It differs from general consent for treatment because it targets release of existing records, test results, or billing information to third parties. The form should clearly identify the patient, the recipient of information, the categories of information to be released, and any time limits. Well-crafted authorizations also explain the patient’s right to revoke the authorization and include the patient’s signature and date to satisfy provider requirements.
Key Elements and Practical Steps When Preparing an Authorization
Effective HIPAA authorizations include essential components such as full identification of the person whose information is being released, the precise scope of information, named recipients, duration or expiration, and a statement about the right to revoke. Practical steps include confirming provider-specific form requirements, signing in the presence of any required witness or notary if requested by an institution, and distributing copies to all relevant providers. Clients should also keep copies in a central place with other estate planning documents. Regular review ensures information remains accurate and authorized individuals are still appropriate.
Key Terms and Glossary for HIPAA Authorizations
This glossary clarifies common terms used when discussing HIPAA authorizations and related estate planning documents. Understanding these terms helps clients make informed choices about whom they authorize, what records may be disclosed, and how long permissions should remain in effect. Definitions include basic legal and healthcare language used by providers and legal professionals so that communication is clear during stressful circumstances. Familiarity with these terms also speeds interactions with hospitals and insurers and reduces the potential for misinterpretation when medical records are requested or shared.
Protected Health Information (PHI)
Protected Health Information, often called PHI, refers to any individually identifiable health information held or transmitted by a covered entity. PHI includes medical histories, laboratory results, diagnoses, treatment notes, prescription records, and billing information tied to a person. HIPAA authorizations govern the release of PHI to third parties, making it important to specify which categories of PHI the authorization covers. Clients may choose to permit access to all PHI or limit disclosure to particular types of records relevant to a given situation, such as recent hospital stays or specific test results.
Authorization Revocation
An authorization revocation is a written statement that terminates the permission previously granted to release protected health information. Revocations should be delivered to providers and, if possible, to any previously authorized recipients. While revocation will prevent future disclosures, it cannot retroactively undo releases made while the authorization was in effect. Including a clear method for revocation and instructions on how to notify providers ensures individuals maintain control over their health information and can respond to changing family circumstances or preferences regarding who may access records.
Designated Recipient
A designated recipient is the person or entity named in a HIPAA authorization who is permitted to receive the specified health information. This may be a family member, a trusted friend, a legal agent named in a power of attorney, or an institution such as a long-term care facility. Accurate identification of recipients with full names and contact details reduces ambiguity and helps providers verify requests for records quickly. Clients should consider naming alternates in case primary designees are unavailable and should document any limits on the recipient’s access.
Duration and Scope
Duration and scope refer to how long the HIPAA authorization remains in effect and what specific categories of information it covers. Duration can be a fixed date, tied to a particular event, or set to remain effective until revoked. Scope can range from broad permission to release all health records to narrowly tailored access for specific conditions, dates of service, or types of documentation. Clear statements about both duration and scope help providers comply with the authorization and give patients and families confidence that information sharing is appropriately limited.
Comparing HIPAA Authorizations with Other Legal Tools
HIPAA authorizations serve a different but complementary role to other estate planning documents. For example, a durable power of attorney for health care grants a named agent authority to make medical decisions, while a HIPAA authorization specifically permits disclosure of medical records to identified individuals. Advance directives state treatment preferences, but do not by themselves allow providers to release records. Understanding these distinctions allows clients to assemble a cohesive planning package that addresses decision making, information access, and care preferences in a coordinated way that hospitals and insurers will recognize.
When a Limited HIPAA Authorization May Be Appropriate:
Short-Term Medical Situations
A limited HIPAA authorization can be suitable for short-term needs such as a single hospitalization, a specific surgery, or a temporary course of treatment. In those instances, granting access only for a defined period and for particular records keeps privacy protections tight while allowing necessary coordination of care. When a patient expects that only one episode will require information sharing, a narrowly tailored authorization reduces long-term exposure of medical information and preserves the individual’s broader control over health records.
Selective Information Sharing
When only certain types of medical information are relevant—such as mental health records for a specific treatment or lab results for a single condition—a limited authorization that restricts disclosure to those categories makes sense. This approach minimizes unnecessary release of unrelated records while ensuring that providers have access to the information needed for proper care decisions. It is often used when privacy concerns are heightened or when sensitive diagnoses merit tighter control over who may view a patient’s complete medical history.
When a Broader Authorization and Integrated Plan Are Advisable:
Long-Term Planning and Care Coordination
Comprehensive HIPAA authorizations are often appropriate when a person anticipates ongoing medical care, chronic conditions, or potential incapacity where agents will need continuing access to medical records. Broader authorizations that align with durable powers of attorney and advance directives ensure that decision makers can obtain medical information without repeated administrative hurdles. This alignment supports continuity of care, enables prompt responses to changing health needs, and reduces the administrative burden on families navigating complex healthcare systems over an extended period.
Estate Administration and Insurance Matters
A comprehensive approach is also valuable when medical records are needed to support insurance claims, long-term care planning, Medicaid applications, or probate administration. Granting trusted individuals the authority to access a broad range of records can expedite benefits determinations, support appeals, and provide documentation required during estate settlement. Ensuring that HIPAA authorizations explicitly permit release of records to personal representatives or fiduciaries avoids delays when insurers or government agencies request historical medical documentation.
Benefits of a Comprehensive HIPAA Authorization Strategy
A comprehensive HIPAA authorization strategy provides predictable access to medical information for agents and caregivers while preserving key privacy protections through clear scope and revocation provisions. When authorizations are coordinated with powers of attorney and advance directives, families benefit from streamlined communication with healthcare providers and quicker access to records needed for medical decision making or claims processing. Advance preparation reduces stress, limits disputes over access, and helps ensure that agents have the documentation they need when time is of the essence.
Comprehensive authorizations also reduce redundant paperwork by anticipating likely needs and naming appropriate alternates. This reduces the risk that providers will refuse to disclose information due to uncertainty about legal authority. When combined with a well-organized estate planning packet, comprehensive HIPAA authorizations help families respond efficiently to hospital requests, insurance inquiries, and administrative requirements, ensuring that care coordination and legal tasks can proceed without avoidable delays or disputes.
Faster Access to Records and Smoother Communication
One immediate benefit of comprehensive HIPAA authorization is faster access to medical records when time matters. Authorized agents can request and receive documentation directly from providers, enabling quicker review of treatment options and more informed decision making. Clear authorizations also reduce back-and-forth with hospital records departments and lower the chance that providers will withhold information due to uncertainty. This smoother communication benefits patients, families, and care teams by improving responsiveness and reducing administrative friction when coordinating care or addressing insurance needs.
Better Preparedness for Care Transitions and Benefits Claims
Comprehensive HIPAA authorizations help families prepare for care transitions, such as moves to assisted living or transitions from hospital to home care, by ensuring key records accompany the patient. They also support benefits and insurance claims that require medical documentation. Having authorized individuals who can quickly gather and submit records reduces delays in processing claims and supports continuity of care. By planning ahead and coordinating authorizations with other estate planning documents, families reduce the potential for interruptions in care or delays in benefit determinations.
Practice Areas
Top Searched Keywords
- HIPAA authorization form Tennessee
- Midtown HIPAA authorization lawyer
- estate planning HIPAA release
- medical records release Roane County
- power of attorney and HIPAA
- healthcare information release Midtown TN
- advance directive HIPAA authorization
- durable power of attorney medical records
- Jay Johnson Law Firm HIPAA forms
Practical Tips for Managing HIPAA Authorizations
Keep Copies Accessible to Providers
Provide copies of signed HIPAA authorizations to primary care physicians, hospitals, and any long-term care facilities where a loved one receives services. Keeping copies in the medical record and in a central estate planning folder helps avoid repeated requests for new forms and reduces delays in obtaining records. It is helpful to review provider preferences and, if required, use institution-specific forms. A central file containing durable powers of attorney, advance directives, and HIPAA authorizations streamlines administrative tasks when care needs arise.
Name Alternates and Be Specific
Coordinate With Other Estate Documents
Make sure HIPAA authorizations are consistent with durable powers of attorney and health care directives so that agents and providers understand who may act and what information may be shared. Coordination avoids conflicting instructions and helps ensure that records are released without administrative obstacles. Including clear revocation instructions and keeping a dated record of signed forms increases confidence that providers will honor the authorization. This coordinated approach protects privacy while providing agents with the access they need to manage care effectively.
Reasons to Include HIPAA Authorizations in Your Estate Plan
Including HIPAA authorizations in an estate plan protects access to important medical records and prevents unnecessary delays when agents or loved ones need information. These forms allow healthcare providers to share protected information with appointed individuals, which is essential for timely decision making, claims processing, and coordination of care. For families who may face hospitalization, chronic illness, or complex medical needs, having clear authorizations reduces administrative hurdles and helps ensure that the right people can obtain the records needed to advocate for a patient’s care and benefits.
HIPAA authorizations also help protect privacy by allowing a person to choose the scope and duration of information release. This level of control is useful for those who want to limit access to sensitive records or who prefer narrowly tailored permissions for specific situations. Well-drafted authorizations support smoother interactions with hospitals and insurers, reduce confusion at critical moments, and protect families from disputes over access to medical information during probate or benefit determinations when documentation is required.
Common Situations That Make HIPAA Authorizations Important
Several common circumstances make HIPAA authorizations essential, including impending surgeries, chronic illness management, pregnancy with anticipated complications, transitions to long-term care, and situations where family members must manage insurance claims or benefits. In many of these scenarios, providers will ask for written permission before releasing records, so having a completed and accessible authorization prevents delays. Preparing authorizations in advance also helps families avoid stressful last-minute searches for signed forms when decisions must be made quickly.
Hospitalization or Emergency Treatment
Hospital admissions and emergency treatments often require quick sharing of medical histories and test results to support care decisions. A signed HIPAA authorization allows designated family members or agents to obtain records, understand treatment options, and coordinate with clinicians. Without this authorization, providers may be limited in what they can disclose, which can slow communication and complicate decision making at a critical time. Keeping a clear authorization on file mitigates these risks and helps ensure continuity of communication between family and care teams.
Long-Term Care Placement or Transfers
When a loved one moves to assisted living, a nursing facility, or requires in-home care, providers will need medical histories to design appropriate care plans. A HIPAA authorization enables caregivers and case managers to access necessary records, ensuring that transitions are based on accurate medical information. Including directives about the types of records needed for transfers helps staff prepare appropriate care plans and reduces the potential for miscommunication. This deliberate preparation improves outcomes during transitions and decreases administrative delays.
Insurance Claims and Benefits Applications
Many insurance and government benefits applications require detailed medical documentation. Authorized agents with a valid HIPAA release can gather and submit records needed for claims, appeals, and eligibility determinations. This access can be decisive in securing coverage for treatments, obtaining long-term care benefits, or supporting Medicaid applications. Clear authorizations ensure that records are obtained quickly and consistently, reducing the chance that missing documentation will delay payments or approvals during important stages of benefits administration.
Local HIPAA Authorization Assistance in Midtown, TN
Jay Johnson Law Firm provides practical assistance to Midtown residents and families across Roane County in preparing HIPAA authorizations that fit into a larger estate planning package. We help clients choose the right recipients, decide on appropriate scope and duration, and coordinate these authorizations with advance directives and durable powers of attorney. Our goal is to make sure documents are clear, accessible, and acceptable to local providers so that families can focus on care and decision making rather than administrative obstacles during stressful times.
Why Choose Jay Johnson Law Firm for HIPAA Authorization Support
Jay Johnson Law Firm offers personalized legal support tailored to the needs of families in Midtown and throughout Tennessee. We walk clients through the options for releasing medical information, explain how HIPAA authorizations interact with powers of attorney and healthcare directives, and prepare documents that meet provider requirements. Our approach emphasizes clear language, practical instructions for revocation and distribution, and coordination with other estate planning documents to reduce confusion and delays when access to records is necessary.
We also assist with providing copies of completed authorizations to medical providers and advising clients on best practices for storing and updating documents. This includes recommending where to place copies, how to communicate with hospitals and clinics, and what to do if a provider requests institution-specific forms. By taking these steps proactively, families can avoid last-minute hurdles and ensure that authorized individuals can obtain records and information promptly when care decisions or benefits issues arise.
Beyond document drafting, our team explains options for naming alternates, setting reasonable expiration terms, and limiting disclosures to protect privacy. We help clients review and update their authorizations as family circumstances change, ensuring that documents remain current and effective. This ongoing attention helps provide peace of mind and practical readiness for situations where timely access to medical records is important for care coordination or legal purposes.
Ready to Prepare Your HIPAA Authorization? Get in Touch
How We Prepare HIPAA Authorizations at Jay Johnson Law Firm
Our process begins with a focused intake conversation to understand the client’s medical, family, and planning circumstances. We review existing estate documents, identify who needs access to records, and discuss the appropriate duration and scope for authorizations. After drafting a tailored HIPAA form, we review it with the client, make adjustments as needed, and provide instructions for signing, distributing, and storing copies. We also advise on how to handle provider-specific requirements and offer follow-up to confirm institutions have accepted the form.
Step One: Information Gathering and Document Review
The first step focuses on gathering essential information about the client, potential designated recipients, and the types of medical records likely to be needed. We review any existing powers of attorney, advance directives, and prior HIPAA forms to identify inconsistencies or gaps. This discovery helps determine whether a narrow or broad authorization is appropriate and whether alternates or special instructions should be included to account for future needs and provider practices.
Identify Appropriate Recipients and Scope
We work with clients to select primary and alternate recipients, considering availability, geographic proximity, and trustworthiness. We also discuss whether the authorization should permit access to all records or only categories relevant to anticipated care. Clear identification and scope minimize the chance of disputes or confusion, and naming alternates ensures continuity if a primary designee is unavailable when records are requested.
Review Institutional Requirements
Many hospitals and clinics have their own preferred authorization forms or specific procedural requirements. We verify those preferences and adapt the drafted authorization so providers will accept it, avoiding unnecessary rejection or delays. This step also includes guidance on whether a provider requires a witness or notarization and recommendations for where to file and deliver copies for easy access during emergencies.
Step Two: Drafting and Client Review
In the drafting phase we prepare clear, readable HIPAA authorization forms that reflect the decisions made during intake. The draft includes precise language identifying the patient, the designated recipients, the scope and duration of disclosure, revocation instructions, and signature blocks. We then review the draft with the client, answer questions about implications and practicalities, and update the document as needed based on client feedback and any provider-specific formatting requirements.
Tailoring Language for Clarity and Provider Acceptance
Drafting emphasizes terms and structure that medical records departments routinely accept to reduce requests for additional forms. We avoid ambiguous language and include explicit instructions about the categories of records and the intended recipients. This clarity helps medical staff process requests faster and reduces back-and-forth that can delay access, ensuring the authorization serves its intended purpose when timely disclosure is necessary.
Client Confirmation and Signing Instructions
After finalizing the draft, we provide clear instructions on how to sign and distribute the authorization, including any steps required by local providers such as witness signatures or notarization. We recommend best practices for storing signed copies and delivering them to primary care providers and hospitals. Clients receive a complete set of instructions and sample cover letters to accompany copies when handing them to institutions to ensure records departments can quickly process requests.
Step Three: Implementation and Ongoing Maintenance
Once signed, we assist clients with implementing the authorization by delivering copies to chosen providers and noting where originals are kept. We advise on periodic reviews to confirm that named recipients remain appropriate and to update the document if life circumstances change. Regular maintenance ensures the authorization remains valid and reliable, preventing surprises if medical needs arise and keeping the client’s estate planning documents aligned with current wishes and relationships.
Distributing Copies and Communicating With Providers
We recommend that clients distribute copies to primary care physicians, specialists, and any institutions where treatment is likely to occur. Communicating proactively with providers and records offices can avoid misunderstandings and prevent requests from being denied due to lack of documentation. Providing a short explanatory cover letter with each copy clarifies the authorization’s purpose and assists administrative staff in processing requests quickly when needed.
Periodic Review and Revocation Procedures
Clients should periodically review HIPAA authorizations to confirm that named recipients and scope still reflect their wishes. If changes are necessary, we prepare revocation notices and updated authorizations and advise on distributing those documents to providers and prior recipients. Clear revocation procedures help prevent future disclosure and maintain control over who can access medical records. Maintaining a dated file of all versions reduces confusion and supports consistent application of the client’s current intentions.
Frequently Asked Questions About HIPAA Authorizations
What is a HIPAA authorization and why do I need one?
A HIPAA authorization is a written authorization that permits covered healthcare providers to disclose a person’s protected health information to designated individuals or entities. This document is distinct from general consent to treatment because it expressly allows release of medical records to third parties, such as family members or agents, when needed for decision making, benefits claims, or coordination of care. Having a properly drafted authorization in place ensures that institutions will recognize the request and provide access without unnecessary delay.Preparing a HIPAA authorization in advance helps avoid obstacles during emergencies or hospital admissions when obtaining records quickly can be important. It also gives individuals control over who may see particular categories of information and for how long, which supports privacy while enabling practical information sharing when appropriate.
How does a HIPAA authorization differ from a power of attorney or advance directive?
A power of attorney for health care authorizes someone to make medical decisions on behalf of an incapacitated person, while an advance directive states the patient’s treatment preferences. A HIPAA authorization, by contrast, focuses specifically on permitting providers to release medical records and information to named recipients. The distinction matters because providers often require a signed HIPAA form before releasing records, even if an agent has decision-making authority under a power of attorney.For comprehensive planning, it is advisable to use both types of documents together. A power of attorney and advance directive address decisions and preferences, and a HIPAA authorization removes barriers to obtaining the medical records an agent may need to act effectively.
Who should I name as a recipient on a HIPAA authorization?
Choose recipients who are trusted, available, and able to manage medical and administrative tasks when needed. Common choices include spouses, adult children, close friends, or a named agent under a durable power of attorney. It is helpful to include alternates in case a primary designee is unavailable. Provide full names and contact details to minimize verification delays by healthcare institutions.When naming recipients, consider geographic proximity and willingness to engage with providers. Some clients designate more than one individual for different scopes of information or specify who handles insurance and who handles clinical discussions to reduce confusion in urgent situations.
Can I limit what types of medical information are released?
Yes, a HIPAA authorization can be narrowly tailored to permit release of only certain categories of records, specific date ranges, or information related to a single condition. Limiting disclosure is useful when privacy is a concern or when only particular records are needed for a specific purpose, such as a disability claim or a surgical follow-up. Clear language that describes the categories of information helps providers comply and reduces unnecessary release of unrelated records.While narrow authorizations protect privacy, clients should balance specificity with practical needs. Overly restrictive forms may require repeated updates; for ongoing care it may be more practical to allow a broader release subject to reasonable duration limits and periodic review.
How long does a HIPAA authorization remain valid?
Duration of a HIPAA authorization can be set to a specific date, tied to a particular event, or remain effective until revoked. Some clients choose short-term authorizations for a single hospitalization, while others set broader permissions for ongoing care. Choosing a clear expiration avoids ambiguity and ensures the authorization aligns with the client’s privacy preferences and anticipated needs.Setting an expiration date is a practical way to maintain control. Clients who prefer open-ended coverage should plan periodic reviews to confirm that named recipients remain appropriate and that the scope still matches current medical and family circumstances.
Can I revoke a HIPAA authorization after it is signed?
A HIPAA authorization can be revoked by the person who signed it at any time, provided the revocation is made in writing and communicated to the relevant providers and recipients. Revocation prevents future disclosures but does not undo releases that occurred while the authorization was in effect. To ensure clarity, deliver written revocation notices to providers and keep records showing when the revocation was issued.It is helpful to follow up with institutions to confirm they have received and processed the revocation. Creating an updated authorization if needed and distributing it to providers prevents confusion and ensures that only currently authorized individuals can obtain records.
Do hospitals accept a standard HIPAA form or do they require their own?
Some hospitals and clinics accept a client-drafted HIPAA authorization while others prefer or require their own institutional form. Because requirements vary, it is important to verify provider preferences and, when necessary, use the provider’s form or adapt language to meet their criteria. This reduces the risk that records departments will reject the request and helps ensure timely access to records.We recommend preparing both a general authorization and institution-specific copies where appropriate, and providing the relevant forms to hospitals or clinics in advance to streamline record requests when a medical need arises.
What if a provider refuses to release records despite an authorization?
If a provider refuses to release records despite a valid authorization, request a written explanation of the denial and verify whether the provider requires a different form or additional information such as a witness signature. Sometimes denials stem from process issues rather than a substantive refusal, and addressing the provider’s procedural needs will resolve the problem. If the issue persists, there are administrative complaint procedures under HIPAA and options for appealing the provider’s decision.Document all communications with the provider and seek assistance to ensure compliance. Having a copied set of the authorization and a clear record of delivery to the provider can assist in resolving disputes and obtaining necessary documentation.
Should HIPAA authorizations be stored with other estate planning documents?
Yes, store HIPAA authorizations with other estate planning documents so they can be found quickly when needed. Keep original signed forms in a secure location and provide copies to primary care providers and hospitals. A central folder or digital repository that is accessible to designated agents reduces last-minute scrambling and ensures that records departments can verify authorization promptly.Also provide a short cover letter with copies to explain the purpose of the authorization and to identify any related documents such as powers of attorney or advance directives, making it easier for administrative staff to process requests efficiently.
How do HIPAA authorizations affect access to mental health or substance abuse records?
Access to mental health or substance abuse records is subject to additional federal and state protections beyond general HIPAA rules. In many cases, separate authorizations or specific language is required to release these records. Be sure to address these categories explicitly in the authorization if such information may be needed for care coordination or claims processing, and confirm with providers about any additional consent forms they require.Consulting with legal counsel helps ensure that the authorization uses appropriate wording to comply with applicable laws while permitting necessary disclosures. This careful drafting helps authorized agents obtain records that might otherwise be restricted due to heightened privacy protections.