In this Section
Privacy Compliance
Under the federal Health Insurance Portability and Accountability Act (HIPAA), healthcare providers are required to:
-
Provide the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs;
-
Reduce health care fraud and abuse;
-
Meet industry-wide standards for healthcare information on electronic billing and other processes
-
Protect the confidentiality of personal health information
In practice, HIPAA requires UCI Health to:
- Implement privacy and security policies, including those for notifying patients of their privacy rights and implementing mechanisms for patients to exercise those rights — such as accessing and amending their records, and requesting an accounting of disclosures of their health information
- Provide education and training to all staff and faculty
- Establish mechanisms to accept and follow up on patient and other privacy complaints
- Take corrective action when needed and mitigate the impact to patients of any breaches of their privacy
- Designate a privacy officer and a security officer who are responsible for implementation of the HIPAA regulations within a covered entity
To protect patient privacy, we conduct surveys to ensure that:
- Paper and electronic records containing patient information are physically and electronically safeguarded
- Patient information is disclosed only as permitted by law or as authorized by the patient
- There is surveillance of appropriate access to electronic patient records
View forms and more information about specific UCI Health privacy policies *:
* UCI Health credentials are required to view some of these forms.
The Privacy Rule requires UCI Health to enter into a confidentiality agreement with certain third parties when UCI Health shares PHI with the third party (e.g., non-health care providers) for the purposes of treatment, payment or healthcare operations. This is called a business associate agreement ("BAA").
A business associate relationship exists when an individual or entity, acting on behalf of UCI Health, assists in the performance of a function or activity involving the use or disclosure of UCI Health's PHI. The UC Irvine Purchasing Department is responsible for completing the University's HIPAA-compliant Business Associates Agreement (BAA) with outside vendors that provide goods or services to UCI Health.
Health Information Management provides the following services and administrative oversight for all inpatients, emergency room encounters and ambulatory surgery patients:
- Retrieval, maintenance and security of hospital medical records
- Assembly, analysis and coordination of completion of required documentation
- Transcription of dictated reports, as required for record completion
- ICD-9-CM, CPT coding of hospital inpatient and hospital-based outpatient visits, as well as hospital ancillary services provided in association with ambulatory clinic visits
- Release of information/correspondence functions
Log onto Health Information Management Department (HIM) (Request access) ›