Privacy Compliance Under the federal Health Insurance Portability and Accountability Act (HIPAA), healthcare providers are required to: Provide the ability to transfer and continue health insurance coverage for millions of American workers and their families when they change or lose their jobs; Reduce health care fraud and abuse; Meet industry-wide standards for healthcare information on electronic billing and other processes Protect the confidentiality of personal health information In practice, HIPAA requires UCI Health to: Implement privacy and security policies, including those for notifying patients of their privacy rights and implementing mechanisms for patients to exercise those rights — such as accessing and amending their records, and requesting an accounting of disclosures of their health information Provide education and training to all staff and faculty Establish mechanisms to accept and follow up on patient and other privacy complaints Take corrective action when needed and mitigate the impact to patients of any breaches of their privacy Designate a privacy officer and a security officer who are responsible for implementation of the HIPAA regulations within a covered entity To protect patient privacy, we conduct surveys to ensure that: Paper and electronic records containing patient information are physically and electronically safeguarded Patient information is disclosed only as permitted by law or as authorized by the patient There is surveillance of appropriate access to electronic patient records View forms and more information about specific UCI Health privacy policies *: * UCI Health credentials are required to view some of these forms.
Authorizations & Consent Authorization for Photography for Educational Purposes › Authorization for Photography for Media and Other Related Purposes › Authorization for Recording of Psychotherapy Session for Other Training › Authorization to Release Health Information › Consent Recording of Psychotherapy for Resident Training › Email Consent Form › Google Glass Consent for Photography and Authorization for Release of Information › Google Glass Consent for Photography and Authorization for Release and Storage of Information › HIPAA Research Authorization UC Irvine Releases (English) › Cancellation of Permission to Use Personal Health Information for Research › UC Irvine Medical Center Authorization Research — Summary of Key Points › Business Associates The Privacy Rule requires UCI Health to enter into a confidentiality agreement with certain third parties when UCI Health shares PHI with the third party (e.g., non-health care providers) for the purposes of treatment, payment or healthcare operations. This is called a business associate agreement ("BAA"). A business associate relationship exists when an individual or entity, acting on behalf of UCI Health, assists in the performance of a function or activity involving the use or disclosure of UCI Health's PHI. The UC Irvine Purchasing Department is responsible for completing the University's HIPAA-compliant Business Associates Agreement (BAA) with outside vendors that provide goods or services to UCI Health. Confidentiality UCI Health Confidentiality Statement (English) › Confidentiality Statement for Visitors and Vendors (English) › Oath of Confidentiality — Developmental Health Records › Oath of Confidentiality — Mental Health Records › Guidance & Policies for Staff View UCI Health Guidance and Policies for staff › Health Information Management Health Information Management provides the following services and administrative oversight for all inpatients, emergency room encounters and ambulatory surgery patients: Retrieval, maintenance and security of hospital medical records Assembly, analysis and coordination of completion of required documentation Transcription of dictated reports, as required for record completion ICD-9-CM, CPT coding of hospital inpatient and hospital-based outpatient visits, as well as hospital ancillary services provided in association with ambulatory clinic visits Release of information/correspondence functions Log onto Health Information Management Department (HIM) (Request access) › HIPAA HIPAA Business Associate Amendment › HIPAA Notice of Patient Privacy Practice › HIPAA Research Authorization UC Irvine Releases (English) › UC Irvine Medical Center Authorization Research — Summary of Key Points › HIPAA Marketing Authorization Form (English) › HIPAA Data Use Agreement Form › Privacy Resources Centers for Medicare and Medicaid Services HIPAA Resources › Fundraising & Marketing FAQ's › Health Information Management Department (HIM) (Request access) › Health Information Privacy — U.S. Department of Health & Human Services › Health Information Privacy (Summary of the HIPAA Privacy Rule) › HIPAA Guidance Materials › HIPAA PHI-Reference Manual 2003 › UCOP Privacy Compliance › Medical Identity Theft › Stop Medicare Identity Theft ›