IT Policies

HIPAA, Health Insurance Portability and Accountability Act Technical Security

See www.wisc.edu/hipaa/ for information on the campus implementation of HIPAA.

For assistance, please contact the appropriate HIPAA coordinator as described below.

HIPAA is a Federal law that requires health care providers to take specific steps to protect the privacy and security of Protected Health Information or PHI. There are eight entities in UW-Madison's Health Care Component or HCC.

Each entity of the HCC is responsible for their own implementation of the HIPAA security regulation, guided by the UW-Madison HIPAA Security Policy. Each entity makes their own decisions regarding the hardware, software, services, security controls and best practices they will deploy in response to HIPAA. Each entity has a privacy coordinator, a security coordinator, and a training coordinator.

Anyone who needs to access PHI must contact the appropriate HIPAA coordinator for guidance on how to proceed.

DoIT can provide technical information, alternatives, pro's and con's and general advice on hardware, software, services, security controls and best practices, but we cannot provide a specific recommendation for which solution is the best match for a particular entity of the HCC. Only the appropriate HIPAA coordinator for an entity of the HCC can make that determination.

For more information on HIPAA see www.wisc.edu/hipaa/