|Business Associate Agreement (BAA)
||a contract to ensure that the BAs will appropriately safeguard PHI.
|Business Associate Decision Tree
||will help determine if an entity is a BA, as defined under HIPAA 45 CFR 160.103.
|Case Report HIPAA Authorization Form
are being asked to allow information about your hospital stay and related
treatment of your illness to be used to write what is called a case report.|
|Data Sharing Flow Chart
||visually indicates appropriate uses of PHI.|
|Data Sharing info page
||explains the differences between deidentified, LDS, and idenitifable PHI.|
|Data Use Agreement (DUA)
||an agreement when a limited data set is shared, use and protection outlined.
|GDPR (General Data Protection Regulation)
||Link to the Office of Information Security’s GDPR webpage. The EU GDPR (effective May 25, 2018) sets a broad definition for personal information and establishes a variety of requirements regarding privacy and the handling of EU residents' personal information.|
|HIPAA 101 Tip Sheet
||provides useful info to the UCD community - in a nutshell.|
|HIPAA Incident Notification Form
||form to use when communicating a HIPAA privacy incident to the Privacy Officer.
|HIPAA Walkthrough Checklist
||for departments to use when walking through their physical space.
|Student Data Privacy (K12)
||proviedes useful information regarding students Personally Identifiable Information.|