The Washington University HIPAA Privacy Office works with all members of our workforce including faculty, staff, and students to help them understand their responsibilities to protect the confidentiality of our patients’ health information.
These policies and procedures outline appropriate use and disclosure of protected health information (PHI), patient rights, and breach notification at Washington University.
All companies and individuals doing business with Washington University in St. Louis who may come in contact with protected health information must have a BAA on file with the HIPAA Privacy Office.
Download patient request forms and confidentiality agreements, media consent authorizations and business associates agreements.
Any incident involving the impermissible use or disclosure of Protected Health Information (PHI) must be reported to the HIPAA Privacy Office upon discovery.