Our mission is to establish a HIPAA Privacy Program which fosters a culture that values and supports the protection of personal health information while supporting the mission of advancing human health.
The HIPAA Privacy Office
The Washington University School of Medicine has established the HIPAA Privacy Office led by healthcare privacy experts to ensure Washington University conducts its healthcare activities in compliance with applicable laws, regulations, and standards for the privacy and security of health information. The HIPAA Privacy Office reports to the Vice Chancellor for Clinical Affairs under the directions of the WUSM Executive Vice Chancellor for Medical Affairs and the Washington University Physicians / Faculty Practice Plan Board of Directors. Washington University is committed to providing quality health care which includes respecting patients’ and clinical research subjects’ right to maintain the privacy of their health information and ensure the appropriate security of all protected health information (PHI).
Protecting Patient Privacy at Washington University in St. Louis
“HIPAA (Health Insurance Portability and Accountability Act) – is a U.S. law designed to provide privacy and security standards to protect patients’ medical records and other health information provided to health plans, billing/coding companies, doctors, hospitals, and other health care providers (known as Covered Entities).” As such, Washington University is a covered entity.
HIPAA Privacy Rule – The HIPAA Privacy Rule regulates the Use and Disclosure of individually identifiable health information and gives individuals the right to determine and restrict access to certain health information. Compliance with HIPAA’s privacy regulations became required on April 14, 2003, and is managed by the HIPAA Privacy Officer and HIPAA Privacy Office. Noncompliance with HIPAA regulations can result in substantial penalties, both civil and criminal
HIPAA Security Rule – The HIPAA Security Rule requires that reasonable and appropriate technical, physical, and administrative safeguards be taken with electronic individually identifiable health information. Specifically, we must ensure the confidentiality, integrity, and availability of all electronic protected health information (ePHI) we create, receive, maintain or transmit. Compliance with the Security Rule became required on April 21, 2005, and is managed by the Office of Information Security and WUSM Chief Information Security Officer
HIPAA Privacy Office – The HIPAA Privacy Office is the source for any assistance Washington University workforce members need with HIPAA compliance questions. Our HIPAA Privacy Team is comprised of talented health information privacy professionals with a combined experience of over 50 years in healthcare privacy. In addition, each business unit/department has identified an individual as their HIPAA Privacy Liaison to assist with ongoing compliance with HIPAA. Please contact the HIPAA Privacy Office with questions or concerns at 314-747-4925 or email@example.com
Basic Training in HIPAA – Basic training of the HIPAA Regulation is mandatory for all members of the WU workforce, including our students and volunteers, who interact with patients or who use and disclose PHI. The HIPAA Privacy Office monitors compliance with HIPAA training. We also provide ongoing in-person and/or online HIPAA refresher presentations that are available upon request.
Department of Health & Human Services – More details about HIPAA can be found from its source, the Department of Health and Human Services (HHS), Office for Civil Rights