The primary focus of the University of Oregon Privacy Office is to protect the confidentiality of protected health information that is created, transmitted, or maintained by the University while pursuing the University’s mission of education and research. The Health Insurance Portability and Accountability Act (HIPAA) allows a complex organization with multiple functions to designate itself as a Hybrid Covered Entity. As a Hybrid Covered Entity, the University of Oregon houses departments that are subject to the HIPAA Privacy and Security regulations and departments that are not.
The regulatory purpose of a Privacy Office includes functions such as receiving complaints, serving as a resource to faculty and staff, supporting research, conducting training, and developing policy. An important element of the Privacy Office’s responsibilities is to ensure that the client or patient rights are upheld by the covered components of the University.
If you have a concern, would like a consultation, or to request a training, contact Safety and Risk Services.