The Privacy Office
(HIPAA, FERPA, etc.)
Protecting the privacy of patient, student, and employee information is an important responsibility facing not only UTMB but all organizations entrusted with confidential information. As an academic medical center, UTMB is privileged to provide patient care, educate tomorrow's healthcare workforce, and engage in cutting edge biomedical research. With this privilege also comes the responsibility to understand and address privacy issues that impact the communities we serve.
Chances are that if you work here, you are exposed to some type of confidential information- information that should remain private- whether it's medical, employee, student, research, or financial information doesn't matter. UTMB depends upon you to do your part to protect the confidentiality of the information we have.
UTMB's OIC/Privacy Office coordinates the policies, procedures, and processes needed to protect the privacy of the confidential information entrusted to us. One of the most important parts of our job to be a resource to you! We do this through training and advice-giving related to UTMB policies, as well as State and Federal laws and regulations, associated with information privacy and security.
If you are a member of one of the communities we serve- whether you're our employee, patient, or student- we want you to understand we take our responsibility seriously and strive to ensure the privacy and security of your information.
- About the Office
- Information Security and Privacy Compliance Committee
- The goal of the UTMB Privacy Compliance Plan is to provide guidelines that promote understanding and compliance with applicable laws, rules, and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) and Family Educational Rights and Privacy Act (FERPA) and other applicable privacy regulations.
- The objectives of UTMB's Privacy Compliance Plan are to:
- Information Security Office
1. Support UTMB in fulfilling its mission;
2. Ensure that UTMB faculty, house staff, employees, and students understand how to appropriately handle and safeguard PHI and other sensitive personal information as well as the core responsibilities for complying with HIPAA, FERPA and other privacy and security regulations;
3. Ensure that the business of UTMB is conducted in accordance with applicable laws and regulations relating to information privacy and security;
4. Assist in identifying PHI and other personally identifiable information and the manner in which it is to be used and disclosed;
5. Establish compliance standards and procedures for UTMB Workforce Members using or otherwise coming into contact with PHI and other personally identifiable information;
6. Communicate effectively the compliance standards, policies and procedures set forth in this Privacy Compliance Plan to UTMB’s Workforce Members;
7. Take reasonable steps to achieve compliance with the standards, policies and procedures set for in this Privacy Compliance Plan by, for example, implementing, monitoring and auditing systems reasonably designed to detect the improper use and disclosure of PHI; and
8. Respond appropriately to non-compliance after detection and to prevent recurrence, which may require modifications to this Privacy Compliance Plan.
- Patient Privacy(HIPAA)
- Notice of Privacy Practice 2012(English)
- Notice of Privacy Practice 2012(Spanish)
- Acknowledgment of Receipt of Notice of Privacy Practice
- Patient's Rights
- Business Associates
- Authorization for the Release of PHI by UTMB(English)
- Authorization for the Release of PHI by UTMB(Spanish)
- Authorization to Release PHI to UTMB
- Request for Correction/Amendment of PHI
- Authorization/Consent to Photograph/Video Patients
- Revocation of Authorization to Release PHI
- Consent for Manufacturer Patient Assistance Programs
- Student Privacy(FERPA)
- UTMB Enrollment Services