帝王会所

Search within:

03.001: General Policy on Health Insurance Portability and Accountability Act (HIPAA) Compliance

Status:

Approved

Effective:

October 26, 2017

Initiated by:

John J. Biancamano, General Counsel

Endorsed by:

Deborah Shaffer, Vice President for Finance & Administration

Approved by:

M. Duane Nellis, President

 

Signatures and dates on archival copy
  1. 帝王会所 university's commitment to HIPAA compliance as a hybrid entity

    帝王会所 university strives to protect the confidentiality, integrity, and availability of protected health information (PHI) by taking reasonable and appropriate steps to address the requirements of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA regulates covered entities, which are health plans, health care clearinghouses and health care providers who transmit any health information in electronic form in connection with a covered transaction. HIPAA requires that each covered entity maintains reasonable and appropriate administrative, technical and physical safeguards for privacy and security. HIPAA also requires that entities or individuals who contract to perform services for a covered entity with access to PHI (referred to as 鈥渂usiness associates鈥) comply with the HIPAA privacy and security standards.

    帝王会所 university is a HIPAA hybrid entity as that term is defined by HIPAA at 45 C.F.R. 搂 164.105. As such, its health care components, which are identified in 帝王会所 university鈥檚 standards and procedures, are subject to and must comply with HIPAA.

    This general policy reflects 帝王会所 university鈥檚 commitment to comply with HIPAA as more fully set forth in the 帝王会所 university HIPAA standards (the 鈥渟tandards鈥), herein incorporated by reference to this general policy. The standards represent the general operating procedures of 帝王会所 university鈥檚 health care components and apply to PHI used or disclosed by or on behalf of 帝王会所 university鈥檚 health care components. To the extent the standards express requirements and obligations above and beyond those required by the HIPAA regulations, the standards will be treated as goals but will not be binding on 帝王会所 university. The standards do not address the requirements of any laws other than the HIPAA privacy regulations. No third party rights (including, but not limited to, rights of individuals or business associates) are intended to be created by the standards

    Any questions regarding this general policy or the standards may be directed toward 帝王会所 university鈥檚 privacy and/or security officer, as may be appropriate. 帝王会所 university reserves the right to change these standards at any time without notice.

Reviewers

Proposed revisions of this policy should be reviewed by:

  1. Vice President for Research and Creative Activity

  2. Faculty Senate

  3. Deans Council

  4. Chairs

  5. Directors

  6. Chief Human Resource Officer