The University of Rhode Island has developed a set of policies and procedures, and standard forms, to comply with and implement the applicable requirements of the Health Insurance Portability and Accountability Act.
The University of Rhode Island (URI) is committed to ensuring compliance with the Health Insurance Portability and Accountability Act (HIPAA), which safeguards the privacy and security of individuals’ health information. URI’s dedicated HIPAA website provides comprehensive resources, including detailed security and privacy policies, essential forms, and guidance documents to support the university community in adhering to HIPAA regulations. These resources are designed to assist faculty, staff, and students in understanding and implementing HIPAA requirements effectively, thereby maintaining the confidentiality and integrity of protected health information within the university’s operations.
HIPAA (Health Insurance Portability and Accountability Act) is a U.S. federal law enacted in 1996 designed to protect the privacy and security of individuals’ medical information, known as Protected Health Information (PHI). HIPAA sets standards for the handling, sharing, and protection of health data to ensure confidentiality and compliance across healthcare organizations and their partners.
Privacy Policies
Privacy Policies provide foundational terminology and definitions used throughout the University of Rhode Island’s HIPAA policies. They clarify key concepts such as “Covered Entities,” “Business Associates,” “Protected Health Information (PHI),” and other HIPAA-related terms, ensuring consistent understanding and application across all URI departments classified as HIPAA Covered or Business Associate Components. These documents serve as a reference point for interpreting HIPAA rules and aligning university practices with federal regulations.
ExploreSecurity Policies
Security Policies outlines the University of Rhode Island’s approach to safeguarding electronic protected health information (EPHI). They establish mandatory procedures for identifying, managing, and mitigating security risks. Emphasizing risk analysis, staff training, system monitoring, and enforcement of sanctions, this set of policies ensures compliance with HIPAA’s administrative safeguard standards, reinforcing the university’s commitment to the confidentiality, integrity, and availability of health data.
ExploreHIPAA Forms
These forms support a range of privacy and security needs, such as authorizing the release of health information, documenting business associate agreements, or using secure communication practices. Whether you’re a student, staff member, or part of a healthcare-related unit, these documents ensure that protected health information (PHI) is managed responsibly and legally.
Forms