HIPAA at UW-Madison
UW-Madison is committed to protecting the privacy and security of health information, as mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA), and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). HIPAA and HITECH establish national standards for protecting the privacy and security of health information and define specific rights for individuals with respect to their health information.
Content previously available at hipaa.wisc.edu lives here (as of December 15, 2017). Please familiarize yourself with our new website layout.
Contact your HIPAA Privacy and Security Officers and Coordinators if you have difficulty locating a resource or form, or to share suggestions for improving our website. Thank you!
UW-Madison Notification About Postcard Incident
UW-Madison is committed to protecting the privacy and confidentiality of our patients’ and research participants’ information.
On July 10, 2017, the UW-Madison Department of Family Medicine and Community Health mailed postcards with a request to certain patients to participate in a quality improvement survey project; the information should have been enclosed in sealed envelopes. Upon learning of the postcard mailing, UW-Madison immediately began reviewing the situation. The postcards contained recipients’ names and mailing addresses, and referenced prescription medications and family planning services. No other identifiable information was included.
We have no indication that information on the postcards has been misused in any way; however, as a precaution, we began mailing letters to affected patients on September 7, 2017, and established a dedicated call center to answer any questions patients may have. If you believe you may be affected and have not received a letter by September 15, 2017, or if you have any questions regarding this situation, please call 1-800-939-4170, Monday-Friday, 8:00 a.m.-7:00 p.m. CST. (After December 7, 2017, contact (608) 265-6018, Monday-Friday, 8:00 a.m.-4:30 p.m. CST.) You may also send concerns via email to email@example.com.
We apologize for any inconvenience or concern this may cause. To help prevent this from happening in the future, we already modified work-flows to allow for additional levels of review of any direct mailings, and are reinforcing educational efforts about patient mailings with our workforce.
Date Published: September 7, 2017