UW-Madison is committed to protecting the privacy and security of health information, as mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). HIPAA and HITECH establish national standards for protecting the privacy and security of health information and define specific rights for individuals with respect to their health information.
Information on HIPAA Security at UW-Madison
Visit the Office of Cybersecurity’s HIPAA Security Program webpage for more information.
Tools for Exchanging and Storing PHI
Visit Approved Tools for Exchanging and Storing PHI for a list of permitted and approved tools for exchanging and/or storing Protected Health Information in accordance with HIPAA (website and form were updated 8/2/2023, only non-substantive changes were made, 4/13/2022 is still the most up to date version of this document).
External HIPAA Resources
Visit External HIPAA Resources for a list of resources related to HIPAA regulations, PHI, research, and other privacy topics.
HIPAA Governance Structure
Visit HIPAA Governance Structure at UW-Madison for a current diagram.
Charter for the HIPAA Privacy & Security Executive Board
To access the most recent charter, visit HIPAA Privacy and Security Executive Board charter (website updated July 21, 2023, charter updated June 26, 2023).
Charter for the HIPAA Privacy & Security Operations Committee
To access the most recent charter, visit Operations Committee charter (updated February 25, 2020).