Skip to main content
Sign In

University of Colorado Denver

Heath Insurance Portability and Accountability Act

Health Insurance Portability and Accountability Act

Office of Regulatory Compliance


A law, popularly known as "HIPAA" (the Health Insurance Portability and Accountability Act of 1996), requires that we establish policies and procedures to ensure the confidentiality and the security of protected health information. Preparing for HIPAA will benefit both you as individual employees as well as the institution’s compliance with federal regulations.

The HIPAA Privacy Rule regulates the use and disclosure of individually identifiable health information and gives individuals the right to determine and restrict access to their health information. Compliance with HIPAA’s privacy regulations became required on April 14, 2003. There are substantial penalties, both civil and criminal, for non-compliance.

The HIPAA Security Rule requires that reasonable and appropriate technical, physical, and administrative safeguards be taken with electronic individually identifiable health information. Specifically, we must ensure the confidentiality, integrity, and availability of all electronic protected health information we create, receive, maintain or transmit. Compliance with the Security Rule became required on April 21, 2005.

A helpful summary of this Act can be found at and at by clicking on the "HIPAA Administrative Simplification" link. The texts of the Privacy and Security Rules may be found at

The required HIPAA Basic training can be found through your portal page under the "My Training" link.

HIPAA impacts the Anschutz Medical Campus in various ways. Patient records (including shadow records), human subjects research records, and marketing demographics that contain health information are a few examples of the ways in which we fall under HIPAA’s regulation. Responsibility for HIPAA compliance is being coordinated by the Office of Regulatory Compliance under the direction of Interim Directory of Regulatory Compliance, Alison D. Lakin.

For additional information or assistance, please contact the HIPAA Compliance Office at 303-724-0983 or at

HIPAA Contacts

Alison Lakin – HIPAA Privacy Official

303 724 1010

Russell Poole – HIPAA Security Official
303 724 0425
Alison Lakin – Signatory Official for Data Use Agreements and Business Associate Agreements
303 724 1010


© The Regents of the University of Colorado, a body corporate. All rights reserved.

Accredited by the Higher Learning Commission. All trademarks are registered property of the University. Used by permission only.