CS 19 Security of Electronic Medical Records – Compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) (formerly 07-02-06)


This policy sets forth the framework for the University’s compliance with the Security Rule of the federal Health Insurance Portability and Accountability Act of 1996 (HIPAA). It is applicable only to those units of the University that have been designated as “Covered Components” under HIPAA and University Policy 07-02-01. This policy is limited to the final HIPAA Security Rule. Other aspects of law, including rules governing privacy and human subject research, are addressed in other University policies.


Category: Human Resources
Section: Confidentiality of Medical Information
Effective Date: September 23, 2013
Last Reviewed: September 23, 2013
Responsible Unit:
Responsible Executive: Senior Vice Chancellor for Business and Operations
Policy Contact:

Procedure(s) and Supporting Documents

Please refer to the policy and/or the policy contact for any accompanying procedures, supporting documents, and/or forms.