HIPAA

HIPAA Privacy Policies and Forms

All current and retired employees enrolled in The University of Texas Systems self-insured employee group health plans (UT Select, UT Dental Select and UT Flex) are entitled to receive a Notice of the Privacy Practices adopted by The University of Texas System Administration on behalf of the self-funded health plans operated by the Office of Employee Benefits in compliance with Title 2 of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the federal regulations adopted to implement HIPAA (45 CFR Parts 160 & 164 "the HIPAA Privacy Rule"). These Policies and Forms, which constitute The University of Texas System Administration Manual has been formally adopted by of The University of Texas System Administration as INT 166, which can be found in the UT System Policy Library at www.utsystem.edu/sites/policy-library. Similar privacy policies have also been adopted by all carriers who provide the fully-insured group health plans in which current and retired employees are also eligible to enroll in through OEB.

The contents of System Administration's HIPAA Privacy Manual Policies are also set forth below. If you need assistance with the Manual or HIPAA in general, please contact Privacyofficer@utsystem.edu . Please be assured that OEB's policy has always been and continues to be that utmost care be used at all times to safeguard any information provided to OEB by or for its enrollees. Information is released only when it is required to make sure that your health care provider is properly reimbursed for medical services provided to you, for reasons related to the provision and maintenance of coverage, or if required by law.

Notice of the Privacy Practices (.pdf)

Forms

Table of Contents

 

HIPAA Hybrid Entity Designation View PDF File
HIPAA Notice of Privacy Practices /sites/default/files/documents/publication/2024/hipaa-notice-of-privacy-practices/hipaanopp08032023.pdf">View PDF File, /sites/default/files/documents/publication/2024/hipaa-notice-of-privacy-practices/hipaanopp08032023.pdf">View PDF File
HIPAA Policy 1.0: Introduction & Definitions View PDF File
HIPAA Policy 2.0: Organization of System for HIPAA Privacy Standard Compliance Purposes View PDF File
HIPAA Policy 3.0: Breach Notification Policy View PDF File
HIPAA Policy 4.0: PHI Requests, Access, Uses and Disclosures View PDF File
HIPAA Policy 5.0: Office of Employee Benefits As a Plan Sponsor View PDF File
HIPAA Policy 6.0: Relationships With Other Entities View PDF File
HIPAA Policy 7.0: Individual Rights View PDF File
HIPAA Policy 8.0: Ensuring Privacy Compliance View PDF File
HIPAA Policy 9.0: Documentation View PDF File
HIPAA Policy Section 4.10: Verification of Requestor’s Identity and Authority View PDF File
HIPAA Policy Section 4.11: Obtaining and Relying Upon an Authorization View PDF File
HIPAA Policy Section 4.12: Personal Representatives View PDF File
HIPAA Policy Section 4.13: De-identified Information View PDF File
HIPAA Policy Section 4.14: Documentation of Disclosures View PDF File
HIPAA Policy Section 4.1: Requests for PHI View PDF File
HIPAA Policy Section 4.2: Access to System PHI View PDF File
HIPAA Policy Section 4.3: Uses and Disclosures Required by Law View PDF File
HIPAA Policy Section 4.4: Discretionary Uses and Disclosures Without An Authorization View PDF File
HIPAA Policy Section 4.5: Conducting Underwriting Activities View PDF File
HIPAA Policy Section 4.6: Research Disclosures and Uses View PDF File
HIPAA Policy Section 4.7: Making Notification Disclosures View PDF File
HIPAA Policy Section 4.8: Review of Requests for Use or Disclosure Requiring Approval by the Privacy Officer View PDF File
HIPAA Policy Section 4.9: Minimum Necessary Standard for Uses and Disclosures of PHI View PDF File
HIPAA Policy Section 6.1: Contracts With Business Associates Involving Office of Employment Benefits PHI View PDF File
HIPAA Policy Section 6.2: Contracts Involving PHI Entered into by System Offices that are Business Associates of OEB or other Covered Entities. View PDF File
HIPAA Policy Section 6.3: Carriers Providing Group Health Plan Coverage View PDF File
HIPAA Policy Section 6.4: Agreements With Recipients of a Limited Data Set View PDF File
HIPAA Policy Section 7.1: Notice of Individual Rights Concerning PHI View PDF File
HIPAA Policy Section 7.2: Right to Access Protected Health Information View PDF File
HIPAA Policy Section 7.3: Requests to Amend PHI View PDF File
HIPAA Policy Section 7.4: Right to Receive an Accounting of Disclosures View PDF File
HIPAA Policy Section 7.5: Requests for Restrictions on Use and Disclosure View PDF File
HIPAA Policy Section 7.6: Requests for Confidential Communications View PDF File
HIPAA Policy Section 7.7: Right to Make A Complaint View PDF File
HIPAA Policy Section 7.8: Right to Breach Notifications View PDF File
HIPAA Policy Section 8.1: Cooperation With the Secretary’s Investigation View PDF File
HIPAA Policy Section 8.2: Training View PDF File
HIPAA Policy Section 8.3: Safeguarding PHI View PDF File
HIPAA Policy Section 8.4: Mitigation of Known Privacy Violations View PDF File
HIPAA Policy Section 8.5: Sanctions for Personnel Violations of Privacy View PDF File
HIPAA Policy Section 9.1: Changes to Privacy Policies and Procedures View PDF File
HIPAA Policy Section 9.2: Retention of Privacy Documentation View PDF File
HIPAA Privacy Officer Designation View PDF File