UAB Synopsis, Vol. 24, No. 30, August 8, 2005
UAB and the UAB Health System (UABHS) are committed to the highest standard of compliance to secure the confidentiality, integrity, and availability of patients' protected health information (PHI). UAB/UABHS employees and students in entities covered under the Health Insurance Portability and Accountability Act (HIPAA) are required to report security breaches including inappropriate access to and unauthorized release or transmission of a patient's PHI.
Covered entities at UAB are the schools of Dentistry, Health Related Professions, Medicine, Nursing, and Optometry, as well as the entire UAB Health System. Any UAB/UABHS employee or student who 1) suspects a HIPAA violation; 2) identifies an information security breach involving PHI; or 3) recognizes a potential vulnerability that might compromise protection of PHI should report such findings to any or all of the individuals below. This reporting requirement excludes permitted uses of PHI under HIPAA, such as those necessary for "treatment, payment, and operations." For additional information about UAB/UABHS Privacy and Security Standards, review the HIPAA online course at www.HIPAA.uab.edu.
To report a suspected HIPAA violation at UAB/UABHS, contact:
- Your immediate supervisor, manager, or administrator;
- Your covered entity's HIPAA privacy or security coordinators (EPC/ESC). (Go to www.HIPAA. uab.edu for the name of your EPC/ESC);
- UAB/UABHS HIPAA Privacy Officer Joan Hicks, jhicks@ uabmc.edu, 934-4724;
- UAB/UABHS HIPAA Security Officer Terrell Herzig, therzig@uabmc.edu, 975-0072;
- UAB HIPAA coordinator C. Michael Brooks, EdD, mbrooks@ uab.edu, 996-2644;
- Corporate Compliance, 975-0862.