/inside-uw-health/,/inside-uw-health/about-us/,/inside-uw-health/about-us/employee-handbook-uwhc/,/inside-uw-health/about-us/employee-handbook-uwhc/compliance/,/inside-uw-health/about-us/employee-handbook-uwhc/compliance/privacy/,

/inside-uw-health/about-us/employee-handbook-uwhc/compliance/privacy/

201412337

page

100

UWHC,

Organizational Services,

Inside UW Health,About Us,Employee Handbook (UWHC),Compliance

Privacy

Privacy - Inside UW Health, About Us, Employee Handbook (UWHC), Compliance

Focus

Patient privacy is central to the care provided at UWHC. Patients entrust UWHC with their confidential information. It is our job to handle that confidential information with care.

As health care providers, it is also our duty to comply with federal and state laws including the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA is a complex federal law that helps patients by protecting the privacy and security of health information and giving them certain rights with respect to their health information. HIPAA’s main effect on UWHC is to require everyone working here – employees, students, volunteers, contractors and our business associates, to follow the rules that help ensure we treat our patients’ health information with the proper care.

The three areas of HIPAA that are the major focus for UWHC are:

During the performance of an employee’s work, he/she may be exposed to information that is considered strictly confidential. Access to and use of protected health information(PHI)is subject to the "minimum necessary rule," meaning that PHI may only be used or accessed by employees with a legitimate clinical or business need to know the information in order to perform their job duties.

Violations of HIPAA are serious and may result in disciplinary action up to and including discharge.

Resources

Privacy Basics

Break the Glass

Guidance Documents and Forms

HIPAA Frequently Asked Questions (FAQs)

Introduction to HIPAA Privacy Rules

Security Rule

HIPAA-Related Policies

Administration (1.02)

Electronic Medical Record Audit Policy (4.39)

The Minimum Necessary Rule (6.30)

Legal Affairs (4.13)

Uses & Disclosures of Protected Health Info for Fundraising (6.43)

Personnel (9.10)