unit logo

The Health Insurance Portability and Accountability Act (HIPAA) is federal legislation designed to limit gaps in insurance coverage and to improve the privacy of personal health information. Compliance involves taking a required training course and signing a confidentiality agreement.

Full HIPAA compliance ensures that patients and their families have the privacy of their health information and their medical records protected. HIPAA regulations set tight boundaries on the use and release of health records and give patients more control over and access to their health information, enabling them to find out how their information may be used, and about certain disclosures of their information that have been made.

HIPAA regulations provide clear standards for protecting personal health information recorded or transmitted on paper, e-mail, and the computer and/or telephone, including billing records and fund transfers. They also prohibit individuals from looking into patient records without a well-defined professional reason and place limitations on who can access such records. Clinical departments and units related to business operations must make sure all of their systems, security measures, and procedures meet HIPAA requirements. HIPAA includes civil or criminal penalties for those who violate patients’ privacy rights. Additionally, if you are found to be in violation on this law, appropriate disciplinary action may be taken up to and including dismissal.

For further information about HIPAA, visit the UF Privacy website or contact the Office of the Vice President for Health Affairs at 392-8981.