University at Buffalo (UB)
Category: HIPAA Security
Responsible Office: UBIT HIPAA Compliance
Responsible Executive: Vice President and Chief Information Officer (VPCIO)
Approved By (Name/Title): J. Brice Bible, VPCIO
CATEGORY: Administrative Safeguards
TYPE: Addressable Implementation Specification for Security Awareness and Training Standard
CITATION: 45 CFR 164.308(a)(5)(ii)(C)
The University at Buffalo Information Technology (UBIT) operates as a covered entity as defined by the U.S. Department of Health and Human Services Office of Civil Rights (OCR). HIPAA Regulation Text 45 CFR Part 164.308 (a)(5)(i) requires a covered entity to implement security awareness and training programs for all members of its workforce, including management.
UBIT develops, implements, and periodically reviews its processes for monitoring log-in attempts and reporting log-in discrepancies.
This policy applies to all UBIT workforce members.
Workforce members: Adhere to policies and procedures as written.
HIPAA Security and Privacy Officer: Implements procedures for monitoring log-in attempts and reporting discrepancies.
Compliance Officer: Participates in ensuring the security of ePHI is enforced and is effective. Performs this duty in conjunction with the HIPAA Security and Privacy Officer.
HIPAA Security and Privacy Officer
Website: http://www.buffalo.edu/ubit.html
Vice President and Chief Information Officer
J. Brice Bible
517 Capen Hall
Buffalo, NY 14260
Phone: 716-645-7979
Email: vpcio@buffalo.edu
Website: http://www.buffalo.edu/ubit.html
Date Approved: 12/4/2017