Updates Policy (UBIT HIPAA)

Category: HIPAA Security
Responsible Office: UBIT HIPAA Compliance
Responsible Executive: Vice President and Chief Information Officer (VPCIO)
Approved By (Name/Title): J. Brice Bible, VPCIO

On this page:

Summary

CATEGORY: Policies and Procedures and Documentation
TYPE:
Required Implementation Specification for Documentation Standard 
CITATION:
45 CFR 164.316(b)(1)(iii)

The University at Buffalo Information Technology (UBIT) operates as a covered entity as defined by the U.S. Department of Health and Human Services Office of Civil Rights. HIPAA Regulation Text 45 CFR Part 164.316(b)(1) requires a covered entity to maintain the policies and procedures implemented to comply with this subpart in written (which may be electronic) form. If an action, activity or assessment is required by this subpart to be documented, maintain a written (which may be electronic) record of that action, activity, or assessment.

Policy

UBIT reviews and updates HIPAA policies periodically and/or in response to environmental or operational changes affecting the security of ePHI.

Applicability

This policy applies to all UBIT workforce members.

Responsibility

Workforce members: Adhere to all policies and procedures as written.

HIPAA Security and Privacy Officer: Reviews and updates documentation periodically and/or in response to environmental or operational changes affecting the security of the ePHI.

Compliance Officer: In conjunction with the HIPAA Security and Privacy Officer, the Compliance Officer reviews and updates documentation periodically and/or in response to environmental or operational changes affecting the security of the ePHI.

Contact Information

HIPAA Security and Privacy Officer
Website: http://www.buffalo.edu/ubit.html

Vice President and Chief Information Officer
J. Brice Bible
517 Capen Hall
Buffalo, NY 14260
Phone: 716-645-7979
Email: vpcio@buffalo.edu
Website: http://www.buffalo.edu/ubit.html

Date Approved: 12/6/2017