Standard for HIPAA Compliance Coordinators
Purpose
In order to comply with the Health Insurance Portability and Accountability Act (“HIPAA”), Ohio University strives to ensure the successful implementation of its HIPAA Privacy Standards & Procedures. As such, Ohio University will identify a HIPAA Compliance Coordinator for each Ohio University HIPAA Covered Entity Unit to oversee the standard implementation within the respective covered entity unit.
Scope
This standard will apply to all Ohio University HIPAA Covered Entity Units.
Standard
The HIPAA Compliance Coordinators for the Ohio University HIPAA Covered Entity Units are as follows:
- University Human Resources/Benefits: Senior HR Director and Director of Benefits
- WellWorks: Executive Director of Wellbeing
- Psychology Social Work Clinic: Director, Psychology Social Work Clinic
- OU Therapy Associates: Clinical Business Operation Manager Speech Hearing Clinic, and PT Manager
- The University HIPAA Privacy Officer will function as the Privacy Coordinator for those units comprised of personnel that provide services to the University’s covered components.
- The University HIPAA Security Officer will function as the Security Coordinator for those units comprised of personnel that provide services to the University’s covered components.
The HIPAA Compliance Coordinator is responsible for the following:
- Ensuring that their unit has developed policies and procedures in accordance with requirements outlined within Ohio University policies and standards to ensure compliance with the HIPAA Privacy and Security Rules;
- Serving as the initial point of contact for faculty, staff, and students within their given unit as it relates to issues related to privacy, security, and HIPAA compliance, including communicating newly implemented, or changes to, policies and standards and periodic reminders relating to privacy and security.
- Ensuring that each faculty member, student, and staff member within their unit has completed the appropriate level of privacy and security training by the assigned deadline.
- Acting as the initial point of contact for patient complaints that arise from activities within the unit;
- Acting as the unit’s liaison with the University HIPAA Privacy and Security Officers regarding issues related to privacy, security, and HIPAA compliance;
- Performing other functions as designated in the Ohio University policies and standards relating to HIPAA compliance;
- Communicating questions, concerns, and reporting any issues relating to the responsibilities as outlined above.
Definitions
HIPAA Privacy Officer: The individual appointed by Ohio University to be the Privacy Officer as required by the HIPAA Privacy Rule.
HIPAA Security Officer: The individual appointed by Ohio University to be the Security Officer as required by the HIPAA Security Rule.
HIPAA Covered Entity Unit: Those units that Ohio University has designated as health care components subject to HIPAA. Such units include; University Human Resources/Benefits (including the University Wellness Plan, “WellWorks”), Ohio University Therapy Associates, and the Psychology and Social Work Clinic.
HIPAA Compliance Coordinator: The individual designated as the point of contact for privacy and security matters and liaison between staff members within a HIPAA Covered Entity Unit and the University HIPAA Privacy and Security Officers.
References
45 CFR § § 164.502(a); 164.508
Policy 91.005 Information Security
Policy 93.001 Data Classification
Ohio University Provider HIPAA Privacy Standards and Procedures Ohio University Health Plan HIPAA Privacy Standards and Procedures
Governance
This standard will be reviewed and approved by the University HIPAA Steering Committee, and other key stakeholders in the interest of ensuring the privacy and security of individual’s health information, as deemed appropriate based on the current regulatory requirement mandates.
Status: Approved
Effective: September 24, 2019