U of A HIPAA Privacy Program
The University of Arizona HIPAA Privacy Program (HPP) is a part of University Privacy and oversees all ongoing activities related to U of A’s implementation of HIPAA policies and procedures and is the office primarily responsible for ensuring U of A’s HIPAA compliance.
The HIPAA Privacy Officer is responsible for developing and implementing relevant procedures, training and educational materials, and responding to privacy breaches.
HIPAA
The Health Insurance Portability and Accountability Act of 1996 (HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act under the American Recovery and Reinvestment Act of 2009 (ARRA), along with associated regulations, establish national standards for the protection of individuals' protected health information (PHI). These rules govern the use and disclosure of PHI by covered entities and their business associates, and include requirements for privacy, security, and breach notification.
Hybrid Entity Status
UA is a Hybrid Entity and has designated Health Care Components in accordance with 45 CFR § 164.105. These Health Care Components must comply with HIPAA, including the Privacy Rule, the Security Rule, and the Breach Notification Rule. If you have questions about whether you, your department, or your program is a HIPAA covered entity, please contact the HIPAA Privacy Office to discuss.