Document and Retention Policy (UBIT HIPAA)

Category: HIPAA Security
Responsible Office: UBIT HIPAA Compliance
Responsible Executive: Vice President and Chief Information Officer (VPCIO)
Approved By (Name/Title): J. Brice Bible, VPCIO

On this page:

Summary

CATEGORY: Administrative Requirement
TYPE:
Standard and Implementation Specification
CITATION:
45 CFR 164.530 (j)(1) Standard: Documentation and 45 CFR 164.530(j)(2) Implementation Specification: Retention Period

The University at Buffalo Information Technology (UBIT) operates as a covered entity as defined by the U.S. Department of Health and Human Services Office of Civil Rights. HIPAA Regulation Text 45 CFR Part 164.530 (j)(1) and  requires a covered entity to document and retain its HIPAA policies, procedures, supporting documents identified in the policies and procedures, and documents sufficient to meet the burden of proof as described in § 164.414(b) for a period of six years.

Policy

UBIT maintains its HIPAA policies, procedures, and required communication in written or electronic form. UBIT maintains documentation for required actions, activities, or designations as identified in the HIPAA policies, procedures, and required communication in written or electronic form. UBIT maintains documentation sufficient to meet its burden of proof under § 164.414 Administrative Requirements and Burden of Proof. UBIT retains the documents identified in this policy for a period of six years from the date of its creation, or the date of when it last was in effect, whichever is later. 

Applicability

This policy applies to all UBIT workforce members.

Responsibility

Workforce members: Adhere to policies and procedures as written.

HIPAA Security and Privacy Officer: Ensures that HIPAA documentation is retained as required.

Compliance Officer: Participates in ensuring the security of ePHI is effective and enforced, in conjunction with the HIPAA Security and Privacy Officer.

Contact Information

HIPAA Security and Privacy Officer
Website: http://www.buffalo.edu/ubit.html

Vice President and Chief Information Officer
J. Brice Bible
517 Capen Hall
Buffalo, NY 14260
Phone: 716-645-7979
Email: vpcio@buffalo.edu
Website: http://www.buffalo.edu/ubit.html

Date Approved: 12/6/2017