HIPAA Privacy Policies

HIPAA Privacy Policies Overview

Pursuant to the Health Insurance Portability Act (HIPAA) of 1996 and the privacy regulations promulgated thereunder as amended from time to time, a covered entity must implement written privacy policies and procedures.  Per 45 CFR 164.530(h)(i)(1), Standard for Policies and Procedures, a covered entity must implement policies and procedures with respect to protected health information that are designed to comply with the standards, implementation specifications, or other requirements of subparts D and E of 45 CFR Part 164. All applicable Stanford University organizations are required to comply with these policies, and to implement the associated procedures to ensure compliance with these policies.

For additional information, please submit a Service Request. 

• HIPAA Privacy: H-01 Executive Summary
• HIPAA Privacy: H-02 Definitions
• HIPAA Privacy: H-03 Access to PHI
• HIPAA Privacy: H-04 Accounting of Disclosures
• HIPAA Privacy: H-05 Business Associates
• HIPAA Privacy: H-06 Amendment and Addendum to PHI
• HIPAA Privacy: H-07 Communication with Family, Friends, and Others
• HIPAA Privacy: H-08 Alternative Confidential Communications
• HIPAA Privacy: H-09 Complaint Handling
• HIPAA Privacy: H-10 Education
• HIPAA Privacy: H-11 Fundraising Communications
• HIPAA Privacy: H-12 Notice of Privacy Practices
• HIPAA Privacy: H-13 Minimum Necessary
• HIPAA Privacy: H-14 Research and Patient Privacy
• HIPAA Privacy: H-15 Use and Disclosure
• HIPAA Privacy: H-16 Breach Notification