Mission Statement
Policies
HIPAA Privacy Standard Practices and Procedures
The below HIPAA Privacy Standard Practices and Procedures have been adopted by USF Health and serve as comprehensive guidelines that USF Health has implemented and follows. At least annually, we review all HIPAA Privacy Standard Practices & Procedures to ensure any required legal changes are made in accordance with any state or federal HIPAA privacy law updates or any operational changes. Through the adoption of these HIPAA Privacy Standard Practices & Procedures, we ensure the confidentiality, integrity, and availability of protected health information, addressing areas like patient rights, data protection, staff training, and response to privacy breaches in accordance with HIPAA regulations.
The development, implementation, and enforcement of HIPAA policies and procedures is the cornerstone of HIPAA compliance, maintaining an effective compliance program and our commitment to doing the right thing for our patients, our workforce members and USF Health. Without policies and procedures to provide guidelines, members of USF Health and our Business Associate team members, would be unaware of how they should carry out their functions in compliance with HIPAA, how they should react when specific events occur, and what sanctions may apply for failing to comply with HIPAA.
The requirement to develop, implement, and enforce HIPAA policies and procedures appears in the very first standard of the Administrative Requirements of the Privacy Rule (45 CFR § 164.530). The standard states a Covered Entity must “designate a privacy official who is responsible for the development and implementation of the policies and procedures of the entity.” The designated Privacy Officer for USF Health is Barbara Wolodzko, J.D., LL.M., LL.M., CHC, CCEP.
| Name | Link |
|---|---|
| Email Communications Containing Protected Health Information | Email Communications Containing PHI |
| HIPAA and Same-Sex Marriage | HIPAA and Same-Sex Marriage |
| HIPAA Business Associate Agreement (BAA) Process | HIPAA BAA Process |
| HIPAA Privacy in Emergency Situations | HIPAA Privacy in Emergency Situations |
| Minimum Necessary Uses and Disclosures of PHI | Minimum Necessary Uses and Disclosures of PHI |
| Morsani College of Medicine (MCOM) Student Observer Program | MCOM Student Observer Policy and Form |
| Photography, Video, and Audio Recordings of Patients (with attachments) | Photography, Video, and Audio Recordings of Patients |
| Photography, Video, and Audio Recordings by Patients or Guests | Photography, Video, and Audio Recordings by Patients or Guests |
| USF HIPAA Designated Record Set | USF HIPAA Designated Record Set |
| Workforce Defined under the USF HIPAA Covered Component | Workforce Defined under the USF HIPAA Covered Component |