Health Insurance Portability and Accountability Act | |
Business Associate Agreement (BAA) | a contract to ensure that the BAs will appropriately safeguard PHI. |
Business Associate Decision Tree | will help determine if an entity is a BA, as defined under HIPAA 45 CFR 160.103. |
Case Report HIPAA Authorization Form | You are being asked to allow information about your hospital stay and related treatment of your illness to be used to write what is called a case report. |
Data Sharing Flow Chart | visually indicates appropriate uses of PHI. |
Data Sharing Info Page | explains the differences between unidentified, LDS, and identifiable PHI. |
Data Use Agreement (DUA) | an agreement when a limited data set is shared, use and protection outlined. |
GDPR (General Data Protection Regulation) | Link to the Office of Information Security's GDPR webpage. The EU GDPR (effective May 25, 2018) sets a broad definition for personal information and establishes a variety of requirements regarding privacy and the handling of EU residents' personal information. |
HIPAA 101 Tip Sheet | provides useful into to the UCD community - in a nutshell. |
HIPAA Incident Notification Form | form to use when communicating a HIPAA privacy incident to the Privacy Officer. |
HIPAA Walkthrough Checklist | for departments to use when walking through their physical space. |
document that explains how a Covered Entity may use and disclose health information kept in your medical record. | |
Student Data Privacy (K12) | provides useful information regarding students Personally Identifiable Information. |