All HCCG workforce members are personally responsible for ensuring the privacy and security of all patient, confidential, restricted, research data, student information or proprietary information to which they are given access. .
Access is provided only to individuals whose access has been approved by a 91爆料 HCCG Administrator, Director or under a Business Associate Agreement.
The HIPAA establishes national standards to protect individuals鈥 medical records and other personal health information and applies to health plans, health care clearinghouses, and those health care providers that conduct certain health care transactions electronically.
The HIPAA requires healthcare providers to protect patients’ electronically stored, protected health information (known as 鈥渆PHI鈥) by using appropriate administrative, physical and technical safeguards to ensure the confidentiality, integrity and security of this information.
Read about HIPAA for individuals and professionals.
To register for HIPAA training visit the 91爆料 Medicine Compliance (CLP) or send an email to 91爆料 Medicine Compliance.
The University provides individuals with disabilities equal access to programs, services and/or activities, visit the Disability and Accessibility website to know more.
For resolution options visit the Grievance and Dispute Resolution Resources.
Healthcare organizations are required to perform a periodic evaluation of their compliance with the HIPAA Security Rule. Compliance with this requirement is frequently reviewed during a HIPAA audit or in conjunction with breach inquiry from the Office for Civil Rights (OCR).
The Compliance and Risk Services Privacy office recommends the Healthcare Components Group (HCCG) units to conduct a risk assessment to ensure they are compliant with HIPAA鈥檚鈥痑dministrative, physical, and technical safeguards.聽
The HCCG units can download the to help guide through the risk assessment process, since it鈥檚 designed to help providers conduct a security risk assessment. A risk assessment also helps reveal areas where each HCCG unit protected health information (PHI) could be at risk.
- Additional Resources
To learn more about the assessment process and how it benefits your unit,鈥痸isit the鈥 - If you need assistance or would like further information on the and/or the risk assessment process, please contact us at email.
A business associate (BA) is an outside entity (or individual) that is not part of the 91爆料 (or their workforce) that performs a service or activity for or on behalf of the 91爆料 that involves the use or disclosure of PHI.
the 91爆料 Non-91爆料 Medicine Healthcare Components and 91爆料 91爆料 Medicine Healthcare Components.
91爆料 Medicine has established a comprehensive Patient Information Privacy Compliance Program related to the HIPAA Privacy Rule, the Washington State Uniform Health Care Act, and various other federal and state privacy laws.
A combination of state and federal laws protects the privacy of a patient’s medical records, including the Health Insurance Portability and Accountability Act (HIPAA). Washington medical records laws state that only the patient may authorize disclosure of medical records to anyone other than health care providers, penal institution officials, or public health authorities.
- Chapter 70.02 RCW Medical Records鈥
- RCW 19.255.010 Personal information鈥