The Corrections and Reentry: Protected Health Information Privacy Framework for Information Sharing PHI Framework Guide was developed under cooperative agreements with the Bureau of Justice Assistance (BJA), Office of Justice Programs (OJP), U.S. Department of Justice (DOJ). The purpose of the framework guide is to provide recommendations for addressing the issues surrounding the protection, handling, and exchange of Protected Health Information (PHI) between corrections and health providers in compliance with Federal law. This resource was designed to enable correctional entities to comply with HIPAA and 42 CFR Part 2 in the receipt or sharing of PHI, whether the correctional entity meets HIPAA's designation of a "covered entity," is determined by 42 CFR Part 2 to be a "federally assisted program," or does not meet either criteria. The tools within the resource may be used by any correctional entity interested in articulating its commitment to protecting PHI and implementing the components of a privacy framework. To further support a PHI privacy framework; this document includes useful tools, such as a sample consent authorization form and a sample contractual agreement, each of which meets both HIPAA and 42 CFR Part 2 requirements. Additionally, a PHI Policy Review Checklist is provided as a tool to enable entities to evaluate pre-established PHI policies to ensure that they are in compliance with the law or to use when performing an annual PHI policy review. Other resources include a sample court order, a confidentiality notice, a glossary of terms and definitions, a listing of applicable federal PHI privacy laws, and a resource list.