Patient privacy is central to the care provided at UWHC. Patients entrust UWHC with their confidential information. It is our job to handle that confidential information with care.
As health care providers, it is also our duty to comply with federal and state laws including the Health Insurance Portability and Accountability Act of 1996 (HIPAA). HIPAA is a complex federal law that helps patients by protecting the privacy and security of health information and giving them certain rights with respect to their health information. HIPAA’s main effect on UWHC is to require everyone working here – employees, students, volunteers, contractors and our business associates, to follow the rules that help ensure we treat our patients’ health information with the proper care.
The three areas of HIPAA that are the major focus for UWHC are:
- Privacy – provides rules in regard to how an individual’s health information may be used and disclosed
- Transaction and Code Sets – requireds the use of standard transaction formats and code sets when an individual’s financial health information is transmitted electronically
- Security – requires specific security measures to be in place to protect an individual’s health information that is sent or stored electronically
During the performance of an employee’s work, he/she may be exposed to information that is considered strictly confidential. Access to and use of protected health information(PHI)is subject to the "minimum necessary rule," meaning that PHI may only be used or accessed by employees with a legitimate clinical or business need to know the information in order to perform their job duties.
Violations of HIPAA are serious and may result in disciplinary action up to and including discharge.
Break the Glass
Guidance Documents and Forms
HIPAA Frequently Asked Questions (FAQs)
Introduction to HIPAA Privacy Rules
Electronic Medical Record Audit Policy (4.39)
The Minimum Necessary Rule (6.30)
Legal Affairs (4.13)
Uses & Disclosures of Protected Health Info for Fundraising (6.43)