Documentation Policy (UBIT HIPAA)

Category: HIPAA Security
Responsible Office: UBIT HIPAA Compliance
Responsible Executive: Vice President and Chief Information Officer (VPCIO)
Approved By (Name/Title): J. Brice Bible, VPCIO

On this page:

Summary

CATEGORY:
Policies and Procedures and Documentation
TYPE:
Standard 
CITATION:
45 CFR 164.316(b)(1)

The University at Buffalo Information Technology (UBIT) operates as a covered entity as defined by the U.S. Department of Health and Human Services Office of Civil Rights. HIPAA Regulation Text 45 CFR Part 164.316(b)(1) requires a covered entity to maintain the policies and procedures implemented to comply with this subpart in written (which may be electronic) form. If an action, activity, or assessment is required by this subpart to be documented, maintain a written (which may be electronic) record of that action, activity, or assessment.

Policy

UBIT maintains policies and procedures; records of actions; activities or assessments that comply with HIPAA Regulation Text 45 CFR Part 164.316 in written/electronic form. 

UBIT maintains records of actions, activities, or assessments that are required by HIPAA Regulation Text 45 CFR Part 164.316.

Applicability

This policy applies to all UBIT workforce members.

Responsibility

Workforce members: Adhere to all policies and procedures as written.

HIPAA Security and Privacy Officer: Maintains documented policies and procedures; records of actions; activities or assessments in written form.

Compliance Officer: In conjunction with the HIPAA Security and Privacy Officer, the Compliance Officer maintains documented policies and procedures; records of actions; and, activities or assessments in written form.

Contact Information

HIPAA Security and Privacy Officer
Website: http://www.buffalo.edu/ubit.html

Vice President and Chief Information Officer
J. Brice Bible
517 Capen Hall
Buffalo, NY 14260
Phone: 716-645-7979
Email: vpcio@buffalo.edu
Website: http://www.buffalo.edu/ubit.html

Date Approved: 12/6/2017