Body

HIPAA Privacy Policies and Forms

All current and retired employees enrolled in The University of Texas Systems self-insured employee group health plans (UT Select, UT Dental Select and UT Flex) are entitled to receive a Notice of the Privacy Practices adopted by The University of Texas System Administration on behalf of the self-funded health plans operated by the Office of Employee Benefits in compliance with Title 2 of the Health Insurance Portability and Accountability Act of 1996 (HIPAA), the Health Information Technology for Economic and Clinical Health (HITECH) Act, and the federal regulations adopted to implement HIPAA (45 CFR Parts 160 & 164 "the HIPAA Privacy Rule"). These Policies and Forms, which constitute The University of Texas System Administration Manual has been formally adopted by of The University of Texas System Administration as INT 166, which can be found in the UT System Policy Library at www.utsystem.edu/board-of-regents/policy-library. Similar privacy policies have also been adopted by all carriers who provide the fully-insured group health plans in which current and retired employees are also eligible to enroll in through OEB.

The contents of System Administration's HIPAA Privacy Manual Policies are also set forth below. If you need assistance with the Manual or HIPAA in general, please contact Privacyofficer@utsystem.edu . Please be assured that OEB's policy has always been and continues to be that utmost care be used at all times to safeguard any information provided to OEB by or for its enrollees. Information is released only when it is required to make sure that your health care provider is properly reimbursed for medical services provided to you, for reasons related to the provision and maintenance of coverage, or if required by law.

Notice of the Privacy Practices (PDF)

Forms

Table of Contents

 

    HIPAA Hybrid Entity DesignationView PDF File
    HIPAA Policy 1.0: Introduction & DefinitionsView PDF File
    HIPAA Policy 2.0: Organization of System for HIPAA Privacy Standard Compliance PurposesView PDF File
    HIPAA Policy 3.0: Breach Notification PolicyView PDF File
    HIPAA Policy 4.0: PHI Requests, Access, Uses and DisclosuresView PDF File
    HIPAA Policy 5.0: Office of Employee Benefits As a Plan SponsorView PDF File
    HIPAA Policy 6.0: Relationships With Other EntitiesView PDF File
    HIPAA Policy 7.0: Individual RightsView PDF File
    HIPAA Policy 8.0: Ensuring Privacy ComplianceView PDF File
    HIPAA Policy 9.0: DocumentationView PDF File
    HIPAA Policy Section 4.10: Verification of Requestor’s Identity and AuthorityView PDF File
    HIPAA Policy Section 4.11: Obtaining and Relying Upon an AuthorizationView PDF File
    HIPAA Policy Section 4.12: Personal RepresentativesView PDF File
    HIPAA Policy Section 4.13: De-identified InformationView PDF File
    HIPAA Policy Section 4.14: Documentation of DisclosuresView PDF File
    HIPAA Policy Section 4.1: Requests for PHIView PDF File
    HIPAA Policy Section 4.2: Access to System PHIView PDF File
    HIPAA Policy Section 4.3: Uses and Disclosures Required by LawView PDF File
    HIPAA Policy Section 4.4: Discretionary Uses and Disclosures Without An AuthorizationView PDF File
    HIPAA Policy Section 4.5: Conducting Underwriting ActivitiesView PDF File
    HIPAA Policy Section 4.6: Research Disclosures and UsesView PDF File
    HIPAA Policy Section 4.7: Making Notification DisclosuresView PDF File
    HIPAA Policy Section 4.8: Review of Requests for Use or Disclosure Requiring Approval by the Privacy OfficerView PDF File
    HIPAA Policy Section 4.9: Minimum Necessary Standard for Uses and Disclosures of PHIView PDF File
    HIPAA Policy Section 6.1: Contracts With Business Associates Involving Office of Employment Benefits PHIView PDF File
    HIPAA Policy Section 6.2: Contracts Involving PHI Entered into by System Offices that are Business Associates of OEB or other Covered Entities.View PDF File
    HIPAA Policy Section 6.3: Carriers Providing Group Health Plan CoverageView PDF File
    HIPAA Policy Section 6.4: Agreements With Recipients of a Limited Data SetView PDF File
    HIPAA Policy Section 7.1: Notice of Individual Rights Concerning PHIView PDF File
    HIPAA Policy Section 7.2: Right to Access Protected Health InformationView PDF File
    HIPAA Policy Section 7.3: Requests to Amend PHIView PDF File
    HIPAA Policy Section 7.4: Right to Receive an Accounting of DisclosuresView PDF File
    HIPAA Policy Section 7.5: Requests for Restrictions on Use and DisclosureView PDF File
    HIPAA Policy Section 7.6: Requests for Confidential CommunicationsView PDF File
    HIPAA Policy Section 7.7: Right to Make A ComplaintView PDF File
    HIPAA Policy Section 7.8: Right to Breach NotificationsView PDF File
    HIPAA Policy Section 8.1: Cooperation With the Secretary’s InvestigationView PDF File
    HIPAA Policy Section 8.2: TrainingView PDF File
    HIPAA Policy Section 8.3: Safeguarding PHIView PDF File
    HIPAA Policy Section 8.4: Mitigation of Known Privacy ViolationsView PDF File
    HIPAA Policy Section 8.5: Sanctions for Personnel Violations of PrivacyView PDF File
    HIPAA Policy Section 9.1: Changes to Privacy Policies and ProceduresView PDF File
    HIPAA Policy Section 9.2: Retention of Privacy DocumentationView PDF File
    HIPAA Privacy Officer DesignationView PDF File