July 15, 2014

HIPAA Privacy Rule: Policies, Forms and Other Resources

Federal regulations, known as the Health Insurance Portability and Accountability Act (HIPAA) privacy law, generally prohibit the use and disclosure of health information without written permission from the patient. The following policies were developed to assist USC faculty and staff in complying with these regulations. Questions about these policies should be directed to the USC Office of Compliance at (213) 740-8258 or complian@usc.edu.

General (100)

Policies

Forms/Resources

  • Senior Vice President memorandum, dated February 19, 2003, to university community regarding compliance with HIPAA privacy rule.
  • Authorization Form [generic template]
    USC has developed specific template authorizations for uses/disclosures of health information for (1) research; (2), fundraising; (3) marketing and (4) special privacy considerations. Those specific authorization forms can be found below. This authorization form should be used and tailored for other uses and disclosures for which no other specific template document exists. See USC Policy GEN-102 for further information regarding use of the authorization.
  • USC and DHS agreement to coordinate education efforts
    Explains the terms under which USC and Department of Health Services will accept the HIPAA education certification of the other institution.

Clinical Practices (200)

Policies

Forms/Resources

  • Notice of Privacy Practices (en Español)
    Must be provided to patient no later than first clinical encounter; must be posted in conspicuous location at each clinical site
*See USC Policy CLIN-200 for further information regarding use of the Notice of Privacy Practices.

Research (300)

Policies

Forms/Resources

Fundraising/Marketing (400)

Forms/Resources

Patients Rights (600)

Policies

Forms/Resources

Business Associates (700)

Policies

Forms/Resources

Responsible Office

Office of Compliance

ooc.usc.edu

complian@usc.edu

(213) 740-8258