HIPAA (Health Insurance Portability and Accountability Act) is a U.S. law designed to provide privacy standards to protect patients’ medical records and other health information provided to health plans, billing/coding companies, doctors, hospitals and other health care providers (known as Covered Entities).
Under this Act, the University of Colorado is considered a “hybrid” covered entity.
HIPAA impacts our campuses through usage of patient records (including shadow records), human subjects research records, and marketing demographics that contain health information, as just a few examples.
1) to secure Protected Health Information (PHI) and
2) to enforce standards for electronic transactions in healthcare.
Responsibility for HIPAA compliance is coordinated by the Office of Regulatory Compliance under the direction of the Associate Vice Chancellor for Regulatory Compliance, Dr. Alison D. Lakin, RN, LLB, LLM, PhD.