University Policy


3364-15-01 HIPAA Organizational structure and administrative responsibilities
3364-15-02 Detecting and preventing fraud, waste and abuse
3364-15-03 Compliance incident reporting
3364-15-04 Non-retaliation policy
3364-15-05 Protected disclosures through the anonymous reporting line
3364-15-10 Confidentiality of Patient Information
3364-15-11 Government investigation of fraud and abuse
3364-15-12 Identity theft detection, prevention, and mitigation
3364-15-15 Technology Accessibility
     3364-15-15.1 Technology Accessibility Procedures
3364-15-16  Electronic signatures
3364-15-18 Financial fraud prevention
3364-15-19 Foreign gifts and contracts reporting

3364-90-01 Release of Health Information
3364-90-02 Minimum Necessary Guidelines for Use/Disclosure of Protected Health Information
3364-90-03 Request for Restriction of Health Information
3364-90-05 De-identifiable and Re-identifiable Health Information, Limited Data Set and Data Use Agreements
3364-90-07 Medical Record Availability and Access
3364-90-08 Patient Directory
3364-90-09 Joint Notice of Privacy Practices
3364-90-11 Accounting and Documentation of Disclosures of Protected Health Information Other than Treatment, Payment or Healthcare Operations
3364-90-12 Security and Protection of Patient Information – Both Paper and Electronic
3364-90-13 Business Associate Agreement
3364-90-14 Photographing, Videotaping, Filming, Video Recording
3364-90-15 Reporting of Security Breach of Protected Health Information including Personal Health Information
3364-90-16 Medical Record Retention and Destruction; Disposal of Protected Health Information
3364-90-17 Medical Record Amendment
3364-90-18 Patient Request for Confidential Communications
Last Updated: 8/17/23