The last basic thing you should know about HIPAA, is it requires UW Health providers to follow several administrative rules.
- We must train workers (i.e. have you read discussions like this!). All workers must have HIPAA training, i.e., read discussions like this, and learn additional requirements when necessary.
- We must create policy and procedure forms. UW Health providers must make "policy and procedure" forms that describe the rules above in greater detail.
- We must accept patients' (and others') privacy complaints. Patients and others can make HIPAA complaints to UW Health providers, and to the government. The Notice Form will tell patients how and where to make complaints.
- We must correct workers' HIPAA violations. UW Health providers must correct rule violations. Workers' violations will usually be unintentional, so our usual response will be to educate workers about the rules. However, workers who violate the rules repeatedly or intentionally may face more serious consequences. The consequences range from an oral warning to even termination. (This process will be similar to processes we currently have for patient privacy violations). By correcting workers' HIPAA violations, UW Health providers will better achieve our goal of protecting patient privacy. If UW Health providers do not fulfill our obligations to patient privacy, and do not correct HIPAA violations, the federal government may penalize or fine our organizations.
- We must get Privacy Officers. HIPAA requires that UW Health providers appoint Privacy Officers, to help workers learn the privacy rules. So we did just that. Please feel free to contact the Privacy Officers at any time to learn more about HIPAA.