The Health Insurance Portability and Accountability Act of 1996 (HIPAA) rules create a framework to protect the privacy and security of patient’s and health plan member’s health information. Purdue University supports the goals of HIPAA and documents its commitment to comply with these laws in its “Compliance with HIPAA Privacy Regulations” policy.
GENERAL FORMS
- Complaints
- Authorization to Use or Disclose or Release
- Record of Inadvertent Disclosure
- Record of Disclosure
- Confidentiality Agreement
- Confidentiality Agreement - Clinical Programs
- Distribution of the Notice of Privacy Practices
- Request of Amendment of PHI from an Individual
- Request of Amendment of PHI from an Entity
- Request of Confidential Communications
- Request of Privacy Protection of Protected Health Information
- Documentation of Disclosures of Protected Health Information
- Designation of Individuals Who are Involved in My Payment or Treatment Decisions
STAFF TRAINING
- Areas at Purdue who are designated as covered by the HIPAA regulations are responsible for providing comprehensive training to staff regarding its privacy policies and procedures as necessary to carry out their functions.
Each area is required to ensure that all staff including new and existing employees, volunteers, trainees or others whose conduct is under the control of the entity are trained. Follow-up training is expected to occur annually.