Compliance Policies
The University of Toledo is currently undertaking a comprehensive review of all University policies. The Compliance Office is also working diligently to review, revise, and create additional and necessary policies throughout this process. Any new or revised policies will be updated on this page after signature by the President.
Any new or revised policies are posted to the Policies Posted for Comment page for 30 days. All UT community members are welcome and encouraged to comment on the policies within that time frame. If you would like to be included in the email updates that indicate changes to the Policies Posted for Comment page by emailing policies@utoledo.edu.
All current Compliance Policies are listed below:
3364-15-02 Detecting and preventing fraud, waste and abuse
3364-15-03 Compliance incident reporting
3364-15-04 Non-retaliation policy
3364-15-05 Protected disclosures through the anonymous reporting line
3364-15-10 Confidentiality of Patient Information
3364-15-11 Government investigation of fraud and abuse
3364-15-12 Identity theft detection, prevention, and mitigation
3364-15-15 Technology Accessibility
Current HIPAA Policies listed below:
3364-90-02 Minimum Necessary Guidelines for Use/Disclosure of Protected Health Information
3364-90-03 Request for Restriction of Health Information
3364-90-05 De-identifiable and Re-identifiable Health Information, Limited Data Set and Data Use Agreements
3364-90-07 Medical Record Availability and Access
3364-90-08 Patient Directory
3364-90-09 Joint Notice of Privacy Practices
3364-90-11 Accounting and Documentation of Disclosures of Protected Health Information Other than Treatment, Payment or Healthcare Operations
3364-90-12 Security and Protection of Patient Information – Both Paper and Electronic
3364-90-13 Business Associate Agreement
3364-90-14 Photographing, Videotaping, Filming, Video Recording
3364-90-15 Reporting of Security Breach of Protected Health Information including Personal Health Information
3364-90-16 Medical Record Retention and Destruction; Disposal of Protected Health Information
3364-90-17 Medical Record Amendment
3364-90-18 Patient Request for Confidential Communications
3364-100-90-19 Social Media