HIPAA Policy

Section: 
College Administration
Policy Number: 
110
Effective: 
Tuesday, August 16, 2016
Last Revised: 
Tuesday, August 16, 2016
Policy: 

This policy addresses the confidentiality and safeguarding of individually identifiable health information transmitted or maintained in any form or medium by South Puget Sound Community College in accordance with the Health Information Portability and Accountability Act (HIPAA).

South Puget Sound Community College is designated as a hybrid entity, meaning it conducts both covered and non-covered functions. The Campus Dental Clinic located within the dental assisting program is the healthcare component that generates Protected Health Information (PHI).  The college’s Business Office and Information Technology (IT) department perform functions that support the Dental Clinic and must comply with HIPAA to the extent they create, receive, maintain, or transmit PHI on behalf of the Dental Clinic. 

In order to assure compliance with HIPAA the College maintains the following roles:

HIPAA Compliance Officer - The College's Risk Manager, VP of Administration

HIPAA Privacy Officer - Director of the Dental Department

HIPAA Security Officer - Chief Information Security Officer

 

Purpose: 

The purpose of this policy is to assure the College's compliance with HIPAA and to safeguard protected health information (PHI).

 

To Whom Does This Policy Apply: 

All employees, students, and volunteers who have or who might have access to protected health information.