-
Research
and Publications
Current Issue
March/April 2013
EDUCAUSE ReviewPublications
-
Conferences
and Events
Annual Conference
October 15–18, 2013
Save the date!Events for all Levels and Interests
Whether you're looking for a conference to attend face-to-face to connect with peers, or for an online event for team professional development, see what's upcoming.
-
Career
Development
EDUCAUSE Institute
Leadership/Management Programs
Explore MoreCareer Center
Leadership and Management Programs
EDUCAUSE Institute
Advanced Programs
Project Management
Jump Start Your Career Growth
Explore EDUCAUSE professional development opportunities that match your career aspirations and desired level of time investment through our interactive online guide.
-
Focus Areas
and InitiativesLatest Topics
EDUCAUSE organizes its efforts around three IT Focus Areas
Join These Programs If Your Focus Is
-
Connect
and ContributeFind Others
Get on the Higher Ed IT Map
Employees of EDUCAUSE member institutions and organizations are invited to create individual profiles.
-
About
EDUCAUSE
Your Selections Under:
- Health Insurance Portability and Accountability Act (HIPAA) [x]
Filter by type
Filter by Publications
Filter by Presentations
Filter by Library Taxonomy
- Health Insurance Portability and Accountability Act (HIPAA) [x]
- Federal Policy and Law (54)
- Federal Privacy Law (54)
- Policy and Law (54)
- Cybersecurity (34)
- Security Management (28)
- Information Technology Management and Leadership (23)
- Family Educational Rights and Privacy Act (FERPA) (20)
- Privacy (16)
- Campus Policy and Law (14)
- Cybersecurity Policy (14)
- Campus Policies (13)
- Data Security (12)
- Identity and Access Management (8)
- Privacy Policies (7)
- Audit (6)
- Information Systems and Services (6)
- Security Policies (5)
- Staffing (5)
- Students (5)
HIPAA - Health Insurance Portability and Accountability Act of 1996
The privacy provisions of the federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses.
Note: HIPAA privacy standards became effective in April 2003 and the HIPAA security standards will go into effect April 21, 2005.
EDUCAUSE has identified links concerning HIPAA that may be useful to the higher education community. Many of these links have been contributed by EDUCAUSE members. If you have additional resources you would like to include on this page, send the information to: contribute@educause.edu
Federal Government Resources
HIPAA Security Standards
Health Insurance Reform: Security Standards; Final Rule. February 20, 2003.
HIPAA Privacy Standards
Standards for Privacy of Individually Identifiable Health Information; Final Rule. August 14, 2002.
Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Public Law 104-191, passed by the 104th Congress
Office for Civil Rights - HIPAA
The privacy provisions of the federal law, the Health Insurance Portability and Accountability Act of 1996 (HIPAA), apply to health information created or maintained by health care providers who engage in certain electronic transactions, health plans, and health care clearinghouses.
Centers for Medicare & Medicaid Services
(CMS) Centers for Medicare & Medicaid Services is responsible for implementing various unrelated provisions of HIPAA. This page contains a directory of CMS's business activities with regard to HIPAA.
Press Release - CMS Named to Enforce HIPAA Transaction and Code Set Standards 10/15/02
Non-governmental Organizations Resources
Expert HIPAA Compliance Solutions
This site offers a HIPAA compliance discussion area, news updates, a weekly newsletter, links to resources, readiness checklists, and information for health care providers and employers.
Guidelines for Academic Medical Centers on Security and Privacy
Association of American Medical Colleges' Guidelines for Academic Medical Centers on Security and Privacy. This site offers practical strategies for addressing the Health Insurance Portability and Accountability Act (HIPAA).
HIPAA.ORG
A collection of miscellaneous HIPAA links. Categories include laws, identifiers, transactions, enforcement, security, privacy, codes and discussion groups.
HIPAAcomply
This site includes information on HIPAA news, timeline, discussion lists, events, legislation and technology.
HIPAAdvisory
This site includes information regarding HIPAA regulations, news updates, white papers, discussion lists and FAQs.
Implementation Guides Adopted for use under HIPAA
Washington Publishing Company (WPC) specializes in managing and distributing Electronic Data Interchange (EDI) information, primarily in the form of documentation for organizations that develop, maintain, and implement EDI standards.
InfoShare HIPAA Information
InfoShare is concerned primarily with the research implications of the privacy regulations.
ReadyforHIPAA.com
The ReadyforHIPAA.com web site is intended primarily for IT professionals in search of information and resources on the issues involved with complying with HIPAA regulations.
Strategic National Implementation Process
HIPAA resources include transactions code sets and standards and HIPAA vendor solutions
Universities and HIPAA
- New York University School of Medicine
- Ohio University Without Boundaries
- Oregon Health & Science University
- Stanford University Medical Center
- University of Alabama at Birmingham
- University of California, San Francisco Medical Center
- University of Illinois at Chicago College of Medicine
- University of Kentucky Chandler Medical Center
- University of Minnesota, Privacy and Security Project
- University of Wisconsin, Madison
- Yale University
Library Items on this Topic
EDUCAUSE Library Items for Health Insurance Portability and Accountability Act (HIPAA)
-
HIPAA
-
Health Insurance Portability and Accountability Act (HIPAA) True …
-
Providing Private Cloud Services to Support HIPAA Compliance
-
April 17, 2013
|
A session at the Enterprise IT Leadership Conference 2013
HIPAA and HIPAA HITECH legislation requires our institutions to protect Electronic Personal Health Information (EPHI). University departments in the health sciences clearly have teaching, research…
-
IT Compliance Framework for Institutions of Higher Ed
-
April 16, 2013
|
A session at the Security Professionals Conference
Institutions of higher education are increasingly expected to comply with various regulatory requirements specifically focused at data privacy and protection. Sometimes there could be overlap in ef…
-
Protecting the Security of Research Data
-
November 8, 2011
The effective protection and management of research data has become a hot topic in U.S. higher education. Funding agencies increasingly require data management plans as part of grant submittals…
-
Leverage the Cloud + Leverage In-House + Improve Security = Save Money
-
January 11, 2012
|
A session at the Mid-Atlantic Regional Conference 2012
The University of Maryland in Baltimore had to replace its in-house student e-mail system. Our students wanted Google. We had concerns with security as well as compliance requirements such as HIPAA…
-
HIPAA Demystified: A Simple Approach to Building a HIPAA Compliance Program
-
June 29, 2011
The HIPAA/HITECH Act now requires any entity that handles protected health information (PHI) to report breaches , whether in paper or electronic form. For colleges and universities with em…
-
HIPAA Demystified: A Simple Approach to Building a HIPAA Compliance Program
-
March 30, 2011
|
A session at the NERCOMP Annual Conference 2011
The HIPAA/HITECH Act now requires any entity that handles protected health information (PHI) to report breaches, whether in paper or electronic form. For colleges and universities with employee h…
-
Compliance Matrix Poster for IT & Compliance Professionals
-
March 17, 2010
This matrix poster developed by Symantec outlines IT Controls for security and privacy concerns related to regulatory compliance in the workplace. Topics addressed in this poster include: Regu…
-
Privacy and Confidentiality: Holding IT Service Providers Accountable
-
November 3, 2009
This ECAR research bulletin addresses the data privacy issues that must be covered by contractual language when entering into an agreement for externally provided IT services or for external con…
-
Forward Into the Cloud
-
September 30, 2009
With more students auto-forwarding e-mail to private accounts, even colleges that have not outsourced their e-mail find it difficult to keep correspondence on their own servers. …
