Guidelines
for Academic Medical Centers on Security and Privacy
Practical
Strategies for Addressing the
Health Insurance Portability and Accountability Act (HIPAA)
Additional HIPAA Resources
Contact for questions and ordering information
(links below are all pdf files)
Background
Executive Summary (file size 266kb)
Introduction
Purpose, Scope and Acknowledgments
AMC Guidelines Organization of the
Guidelines
AMC HIPAA Security Guidelines
Section One: Requirements
for Security Administration
Section Two: Requirements for
Physical Safeguards
Section Three: Requirements
for Technical Security, Services, and Mechanisms
AMC HIPAA Privacy Guidelines
Section One: Covered
Entities
Section Two: Consent and Authorization
Section Three: Uses and disclosures
Section Four: Consumer Controls
Section Five: Administrative requirements
AMC
AMC General
Policy and Management Guidelines
Acronyms
Definitions of Terms Used in this Guideline
References
Supplement
Sample
Contracts and Policies
Job Descriptions
Download Complete Documents
Guidelines for Academic
Medical Centers on Security and Privacy (file size 1.12mb)
Supplement to Guidelines for Academic Medical Centers on Security and Privacy (file size266kb)
Pocket Policy Trifold (file size 91.9kb)
To
view documents in the Portable Document Format (PDF), you will need the
Adobe Acrobat® Reader, which can be downloaded from this site.
Contact Morgan Passiment or Sherine Patterson if you have any problem downloading.
The privacy and security regulations stemming from the Health Insurance Portability and Accountability Act of 1996 (HIPAA) have captured the attention of the healthcare community. The cumulative cost of compliance with these regulations is variously estimated to cost from somewhere between the equivalent of Y2K preparation for the community to many times that amount. A recent study commissioned by the American Hospital Association placed costs at $22.5 billion over the next five years. To assist medical schools and teaching hospitals in addressing the new regulations, The National Library of Medicine (NLM) funded a series of workshops engaging the membership of several organizations: AAMC's Group on Information Resources, Internet 2, Object Management Group, and Workgroup on Electronic Data Interchange. The workshop participants analyzed current health information security and privacy polices, made recommendations, and developed this resource of best practices for healthcare security and privacy. The Guidelines for Academic Medical Centers on Security and Privacy: Practical Strategies for Addressing the Health Insurance Portability and Accountability Act (HIPAA) addresses the unique concerns of academic medical centers.
The traditional tripartite mission - patient care, education, and research - distinguishes academic medical centers (AMC) from their peer institutions, which focus primarily on patient care services. In the past two decades the ability of academic medical centers to balance and sustain these multiple missions has been severely tested by changes in health care financing and regulation. The implementation of the HIPAA regulations will create barriers unique to these environments. Because of their multiple missions and collegial concerns, AMCs have come together in an effort to create the guidelines - to ensure the privacy, security and confidentiality of patient information.