This policy sets forth the framework for the University’s compliance with the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health Act (HITECH), and the HIPAA Omnibus Rule. It is applicable only to those units of the University that have been designated as “Covered Components” under HIPAA. This policy is limited to the privacy standards imposed by HIPAA. Other aspects of the law, including rules governing security and human subject research, are addressed in other University policies. See the University’s IRB website for policies governing human subject research.
Procedure(s) and Supporting Documents
Please refer to the policy and/or the policy contact for any accompanying procedures, supporting documents, and/or forms.