The Health Insurance Portability and Accountability Act of 1996 (HIPAA) rules create a framework to protect the medical privacy of patients and health plan members. In general, HIPAA privacy regulations allow covered health care providers and health plans to share information for the purposes of treatment, payment, and health care operations. Additional information regarding uses or disclosures of health information are described in the Notices of Privacy Practices.
Purdue University supports the goals of HIPAA and documents policies and procedures for securing protected health information in its "Compliance with HIPAA Privacy Regulations" policy.
Purdue University supports the goals of HIPAA and documents policies and procedures for securing protected health information in its "Compliance with HIPAA Privacy Regulations" policy.
GENERAL FORMS
- Complaints
- Authorization to Use or Disclose or Release
- Record of Inadvertent Disclosure
- Record of Disclosure
- Confidentiality Agreement
- Confidentiality Agreement - Clinical Programs
- Distribution of the Notice of Privacy Practices
- Request of Amendment of PHI from an Individual
- Request of Amendment of PHI from an Entity
- Request of Confidential Communications
- Request of Privacy Protection of Protected Health Information
- Documentation of Disclosures of Protected Health Information
- Designation of Individuals Who are Involved in My Payment or Treatment Decisions
STAFF TRAINING
- Areas at Purdue who are designated as covered by the HIPAA regulations are responsible for providing comprehensive training to staff regarding its privacy policies and procedures as necessary to carry out their functions.
Each area is required to ensure that all staff including new and existing employees, volunteers, trainees or others whose conduct is under the control of the entity are trained. Follow-up training is expected to occur annually.