2003-18: Accounting of Disclosures of Protected Health Information

• Procedures for Accounting of Disclosures of PHI
• HCH1353: Requests for Accounting of Disclosures of Protected Health Information
• HCH1354: Accounting Log for Disclosures of Protected Health Information for 50 or More Research Subjects
• HCH1355: Protected Health Information Disclosure Tracking Log

2003-16: Authorization for Release of Information (Privacy and Security of (PHI))

• HCH551: Authorization to Obtain and/or Disclose Health Information

2003-09: Breaches of Privacy and Security of Protected Health Information (PHI) and Confidential Data

2003-04: Business Associate Agreements

2003-13: Consent to Treatment

• HCH901: Consent for Treatment, Use and Disclosure of PHI, Acknowledgments and Financial Agreement Form

2003-29: Creation, Use and Disclosure of De-Identified Protected Health Information (Privacy and Security of Protected Health Information (PHI))

• Certification of De-Identification

2012-06: Designated Record Set

2021-04 Disclosures of Protected Health Information to the Media

• Procedures for Policy 2021-04 Disclosures of Protected Health Information to the Media
• HCH2714 Authorization to Use and/or Disclose Protected Health Information for Publicity

2008-01: Disposal of Protected Health Information (PHI) and Disposal and Re-use of Hardware and Electronic Media Containing Electronic Protected Health Information (ePHI)

• Procedure for Disposal of Documents/Materials Containing Protected Health Information (PHI) and Receipt, Tracking, Re-use, and Disposal of Hardware and Electronic Media Containing Electronic Protected Health Information (ePHI)

2003-02: Documentation and Retention of HIPAA Compliance Records

2012-01: Email Communication with Patients/Research Participants – Policy deleted and replaced by 2011-04 Electronic Communication of Confidential Data

2003-23: Faxing of Protected Health Information (Privacy and Security of Protected Health Information (PHI))

• Procedures for Faxing of PHI
• Fax Cover Sheet

2014-09: Hand-Delivering and Mailing Paper Documents that Contain PHI

• Procedure for Hand-Delivering and Mailing Paper Documents that Contain PHI

2003-06: HIPAA Fundraising Compliance Policy (Privacy and Security of PHI)

2003-05: HIPAA Marketing Compliance (Privacy and Security of PHI)

2003-30: Limited Data-Set Creation, Use and Disclosure (Privacy and Security of (PHI))

• Certification of Limited Data Set for Research

2016-01: Medical/Dental Patient Records: Transportation of Paper and Other Media Records

2003-21: Minimum Necessary Protected Health Information

2008-03: Mobile Computing Device (MCD) Security

2003-12 Notice of Privacy Practices

• HCH901: Consent for Treatment, Use and Disclosure of PHI, Acknowledgments and Financial Agreement Form

2003-19: Patient Privacy Complaints

2020-12: Patient Right to Request Amendment to Health Information

• HCH1352: Request for Amendment of Health Information

2003-15: Patient Right to Request Alternative Methods of Communications 

• HCH1397: Permission to Communicate Health Information and Use Alternative Communication Methods

2020-11: Patients’ Right to Access Their PHI in a Designated Record Set

• HCH 2710 Patient Request to Access Medical Records
• HCH551: Authorization to Obtain and/or Disclose Health Information

2003-14: Patient Right to Request Restrictions on Uses and Disclosures of Protected Health Information 

• Procedure for Handling Patient Right to Request Restrictions

2003-17A: Patient Right to View His/Her Medical/Dental/Research and/or Billing Record – 11/2/20 deleted and combined with Patients’ Right to Access Their PHI in a Designated Record Set policy

Privacy Definitions

2014-04: Sanctions for Privacy and Security Violations

2021-05: Uses and Disclosures of Directory Information Under HIPAA

• Procedures for Policy 2021-05 Uses and Disclosures of Directory Information Under HIPAA

2003-25: Uses and Disclosures of PHI Involving Family, Friends, and Others

• Procedure for Uses and Disclosures of PHI Involving Family, Friends, and Others
• HCH1397: Permission to Communicate Health Information and Use Alternative Communication Methods

2003-08: Use and Disclosure of PHI by Whistleblowers and Workforce Member Crime Victims (Privacy and Security of PHI)

2003-28: Use and Disclosure of PHI for Research Purposes (Privacy and Security of PHI) – DELETED

2003-27: Use and Disclosure of PHI Where Authorization or Opportunity for Patient to Agree or Object Is NOT Required (Privacy and Security of PHI) – Deleted – See Notice of Privacy Practices

2014-07: Use of Protected Health Information (PHI) in Education

• HCH551: Authorization to Obtain and/or Disclose Health Information
• HCH375: Consent for Photographing and/or Recording of Patients (Non-Clinical Care Purposes)

2003-20: Verification of Individuals Requesting Protected Health Information

2014-03: Visual, Audio or Recording of Patient Data Obtained Through Any Medium

• HCH375: Consent for Photographing and/or Recording of Patients (Non-Clinical Care Purposes)