University of Nebraska Medical Center

Print | PDF

HIPAA Important Notice!

The first of several new HIPAA rules went into effect Sept. 23 that require patient and Health and Human Services notification following the discovery of a breach of unsecured protected health information (PHI).

Privacy officers Sheila Wrobel (559-6767 or swrobel@unmc.edu) or Deb Bishop (559-5136 or dbishop@unmc.edu);
Information security officer Sharon Welna (559-2545 or swelna@unmc.edu); or
The ITS help desk (559-7700).

The types of violations that would likely require patient/HHS notification include:

The loss of an unencrypted laptop or thumb drive that contains PHI;
Misdirected mail, e-mail or faxes with PHI to a non-health care related facility or individual; and
Workforce members who intentionally access medical records of friends, family or others without a job-related need to know such information.
- Training Poster: Save it Securely
- Training Poster: Know Your Limits!
  If you have Centricity you can only access your OWN medical record.
- Training Poster: Misdirected Emails
- Training Poster: Obligation to Report (Black & White)
  Training Poster: Obligation to Report (Colored)

AMA Reinforces Encryption Requirements When Devices Contain ePHI

HIPAA: Health Insurance Portability and Accountability Act