HIPAA (Health Insurance Portability and Accountability Act)

HIPAA Privacy staff are currently working remotely, but available via email, phone, and web-conferencing technologies. Reference the “Who We Are” link above for staff contact information. If you need to report a HIPAA Incident, use the “Report a HIPAA Incident” button below. If you are looking for information about UW Health clinical facilities, see www.uwhealth.org.

Visit Approved Tools for Exchanging and Storing PHI for a list of permitted and approved tools for exchanging and/or storing Protected Health Information in accordance with HIPAA (updated February 19, 2021).

For a listing of announcements and guidance issued by HHS and OCR so far during the COVID-19 pandemic visit HIPAA Compliance Announcements (updated April 24, 2020).

Overview

UW-Madison is committed to protecting the privacy and security of health information, as mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH). HIPAA and HITECH establish national standards for protecting the privacy and security of health information and define specific rights for individuals with respect to their health information.

Information on HIPAA Security at UW-Madison

Visit the Office of Cybersecurity’s HIPAA Security Program webpage for more information.

Tools for Exchanging and Storing PHI

External HIPAA Resources

Visit External HIPAA Resources for a list of resources related to HIPAA regulations, PHI, research, and other privacy topics.

HIPAA Governance Structure

Visit HIPAA Governance Structure at UW-Madison for a current diagram.

Charter for the HIPAA Privacy & Security Executive Board

To access the most recent charter, visit HIPAA Privacy and Security Executive Board charter (updated November 12, 2020).

Charter for the HIPAA Privacy & Security Operations Committee

To access the most recent charter, visit Operations Committee charter (updated February 25, 2020).