Visit
Apply
Give

Health Care Compliance and Institutional Privacy

Compliance Policies

The University of Toledo is currently undertaking a comprehensive review of all University policies. The Compliance Office is also working diligently to review, revise, and create additional and necessary policies throughout this process. Any new or revised policies will be updated on this page after signature by the President.

Any new or revised policies are posted to the Policies Posted for Comment page for 30 days. All UT community members are welcome and encouraged to comment on the policies within that time frame. If you would like to be included in the email updates that indicate changes to the Policies Posted for Comment page by emailing policies@utoledo.edu.

All current Compliance Policies are listed below:

3364-15-01 HIPAA Organizational structure and administrative responsibilities
3364-15-02 Detecting and preventing fraud, waste and abuse
3364-15-03 Compliance incident reporting
3364-15-04 Non-retaliation policy
3364-15-05 Protected disclosures through the anonymous reporting line
3364-15-10 Confidentiality of Patient Information
3364-15-11 Government investigation of fraud and abuse
3364-15-12 Identity theft detection, prevention, and mitigation
3364-15-15 Technology Accessibility
     3364-15-15.1 Technology Accessibility Procedures
3364-15-16  Electronic signatures
3364-15-18 Financial fraud prevention
3364-15-19 Foreign gifts and contracts reporting

 

Current HIPAA Policies listed below:

3364-90-01 Release of Health Information
3364-90-02 Minimum Necessary Guidelines for Use/Disclosure of Protected Health Information
3364-90-03 Request for Restriction of Health Information
3364-90-05 De-identifiable and Re-identifiable Health Information, Limited Data Set and Data Use Agreements
3364-90-07 Medical Record Availability and Access
3364-90-08 Patient Directory
3364-90-09 Joint Notice of Privacy Practices
3364-90-11 Accounting and Documentation of Disclosures of Protected Health Information Other than Treatment, Payment or Healthcare Operations
3364-90-12 Security and Protection of Patient Information – Both Paper and Electronic
3364-90-13 Business Associate Agreement
3364-90-14 Photographing, Videotaping, Filming, Video Recording
3364-90-15 Reporting of Security Breach of Protected Health Information including Personal Health Information
3364-90-16 Medical Record Retention and Destruction; Disposal of Protected Health Information
3364-90-17 Medical Record Amendment
3364-90-18 Patient Request for Confidential Communications
3364-100-90-19 Social Media
Last Updated: 6/27/22