Reporting of security breach of protected health information including personal health information. 3364-90-15

Policy Class: Compliance
Policy Action: Major revision of existing policy
Purpose of Policy: Outline the processes and procedures to determine whether the security or privacy of PHI has been compromised; ensure compliance with notification and reporting requirements.  A report of an unauthorized use, access, disclosure or acquisition of "unsecured" PHI which has occurred or which is reasonably believed to have occurred will be investigated, notifications provided and the incident(s) reported in compliance with federal and state laws.  Please refer to Policy 3364-90-01, Release of Health Information, for guidance for permissible uses and disclosure of PHI or contact the Privacy Office.
This policy supersedes: n/a, Keywords: security breach, protected health information, personal health, PHI, privacy, HIPAA, breach, risk, disclosure, media, urgent, BA,
Download pdf
Abstract/Description: Policy Class: Compliance

Policy Action: Major revision of existing policy

Purpose of Policy: Outline the processes and procedures to determine whether the security or privacy of PHI has been compromised; ensure compliance with notification and reporting requirements. A report of an unauthorized use, access, disclosure or acquisition of "unsecured" PHI which has occurred or which is reasonably believed to have occurred will be investigated, notifications provided and the incident(s) reported in compliance with federal and state laws. Please refer to Policy 3364-90-01, Release of Health Information, for guidance for permissible uses and disclosure of PHI or contact the Privacy Office.

This policy supersedes: n/a
Subject(s): HIPAA Policies
Alumni/Friends of UT
Faculty
Staff
Students
Vendors




Compliance
Date Created: 2010-11-15