The Washington University HIPAA Privacy Office works with all members of our workforce including faculty, staff, and students to help them understand their responsibilities to protect the confidentiality of our patients’ health information.
Policies & Procedures
These policies and procedures outline the appropriate use and disclosure of protected health information (PHI), patient rights, and breach notification at Washington University.
Business Associate Agreement (BAA)
All companies and individuals doing business with Washington University in St. Louis who may come in contact with protected health information must have a BAA on file with the HIPAA Privacy Office.
HIPAA Privacy Forms
Download patient request forms and confidentiality agreements, media consent authorizations, and business associates agreements.
Medical Records Requests
Patients who would like to request a copy of their medical records can do so by following the instructions on the Washington University Physicians website.
Incident Reporting
Any incident involving the impermissible use or disclosure of Protected Health Information (PHI) must be reported to the HIPAA Privacy Office upon discovery.