The Privacy Office

(HIPAA, FERPA, etc.)

About the Office

Information Security and Privacy Compliance Committee

The goal of the UTMB Privacy Compliance Plan is to provide guidelines that promote understanding and compliance with applicable laws, rules, and regulations, including the Health Insurance Portability and Accountability Act (HIPAA) and Family Educational Rights and Privacy Act (FERPA) and other applicable privacy regulations.

The objectives of UTMB's Privacy Compliance Plan are to:

  1. Support UTMB in fulfilling its mission;
  2. Ensure that UTMB faculty, house staff, employees, and students understand how to appropriately handle and safeguard PHI and other sensitive personal information as well as the core responsibilities for complying with HIPAA, FERPA and other privacy and security regulations;
  3. Ensure that the business of UTMB is conducted in accordance with applicable laws and regulations relating to information privacy and security;
  4. Assist in identifying PHI and other personally identifiable information and the manner in which it is to be used and disclosed;
  5. Establish compliance standards and procedures for UTMB Workforce Members using or otherwise coming into contact with PHI and other personally identifiable information;
  6. Communicate effectively the compliance standards, policies and procedures set forth in this Privacy Compliance Plan to UTMB’s Workforce Members;
  7. Take reasonable steps to achieve compliance with the standards, policies and procedures set for in this Privacy Compliance Plan by, for example, implementing, monitoring and auditing systems reasonably designed to detect the improper use and disclosure of PHI; and
  8. Respond appropriately to non-compliance after detection and to prevent recurrence, which may require modifications to this Privacy Compliance Plan.

Privacy Compliance Plan IHOP 6.2.40

Report a Suspected Privacy Incident

Information Security Office