We are a self-insured "Health Plan" HIPAA Privacy Rules requires Health Plan to account for uses and disclosures of PHI not related to TPO, or related to a signed authorization. Has anyone develop a list of situations that would require to be accounted for in a log?

The disclosures that need to be included in an accounting are generally the disclosures permitted under 45 CFR 164.512. As you’ll see from the items included in 512, the right to an accounting will not be particularly meaningful to most GHP participants.

Am I alone in thinking that the Accounting of Disclosures of PHI could be a problem for self-insured health plans?

You must keep a log for six years of disclosures not related to TPO or a sign individual authorization:
Required by law
Resulting from judical or administrative proceedings
If made about victims of domestic violence, abuse or neglect
Released for public health activities
Provided for research

Has anyone complied a list of specific situations that should be maintain in a disclosure log to provide an individual accounting if they request one?

What if the individual signed an authorization and it's not HIPAA compliant? (example: from a nursing home requesting plan cost, and coverage information) Does the Health plan have to require that a new authorization be signed that is compliant?

I ahve a listing but it is provider based, not health plan based. If you are interested in it to at least give you a basis, let me know.

Also on a non-HIPAA compliant release, after April 14th, you should not be honoring them. Hipaa Mandates that the release have the 10 elements to be valid. Send it back and request the missing elements. I would also state mandates.

If it was signed before April 14th, you do not have to log it anyway.