The primary focus of the Health Insurance Portability and Accountability Act (HIPAA) Privacy Team is to protect the confidentiality of protected health information that is created, transmitted, or maintained by the University while pursuing the University’s mission of education and research. HIPAA allows a complex organization with multiple functions to designate itself as a Hybrid Covered Entity. As a Hybrid Covered Entity, the University of Oregon houses departments that are subject to the HIPAA Privacy and Security regulations and departments that are not.
The regulatory purpose of a HIPAA Privacy Team includes functions such as receiving complaints, serving as a resource to faculty and staff, supporting research, conducting training, and developing policy. An important element of the HIPAA Privacy Team's responsibilities is to ensure that the client or patient rights are upheld by the covered components of the University.
If you have a concern, would like a consultation, or to request a training, contact Safety and Risk Services.