Health Insurance Portability and Accountability Act (HIPAA)
The Health Insurance Portability and Accountability Act is a set of standards and requirements which ensure the protection of individuals' personal health information and grant them rights over said health information. There are six main rights granted: the right to know how the data will be used, the right to obtain a copy of your health data, the right to correct errors in your records, the right to know who has received your data, the right to restriction of your data, and the right to file a complaint for a privacy violation.
The University of Alaska is committed to ensuring appropriate security of all individually identifiable health information and providing quality health care which includes respecting patients' and research participants' rights to maintain the privacy of their health information.
The University is considered a "hybrid entity" under HIPAA, which means that some parts of the University are subject to HIPAA and others are not. The University's health plans, its health care provider services, and those that may access PHI to support the plans or health care provider services are subject to HIPAA. The areas that make us the University's hybrid entity are sometimes referred to as the University's "health care components." Areas outside of the University's health care components may also be subject to HIPAA if they act as a "business associate" of an organization that is subject to HIPAA.
Links To Additional Resources
University of Alaska HIPAA Policy
University of Alaska (State Wide) Policy
Determining HIPAA Hybrid Entity Status
Determining Business Associate Functions
UA HIPAA Organization Structure
HIPAA Status Change Management
Alaska State Requirement This link has been temporarily disabled as the Alaska DHSS website was cyberattacked and there is no current ETA on when the HIPAA page will be back up.
Protecting Student Medical Records
HIPAA Organization Questionnaire
The documents and related information are under review by the HIPAA stakeholders and will be updated as and when they are received.