skip to main content columnskip to left navigation

HIPAA Compliance Office

The Office of University Counsel

Resources

EMAIL ENCRYPTION:  Emails that contain protected health information must be encrypted to ensure they are transmitted securely.  The HIPAA Compliance Office has created the following guidance for your convenience: Email Encryption Explained

 

SECURING YOUR PERSONAL DEVICE:  ETSU Faculty, Staff and Students that use personal devices to access, create, receive, maintain or transmit protected health information should ensure their personal devices are adequately secured.  When a security incident occurs, whether or not your device is encrypted determines whether or not the security incident is reportable to the Office of Civil Rights.  The HIPAA Compliance Office has created the following guidance for your convenience: How to Secure Your Personal Devices

As always, anytime a device that accesses, creates, receives, maintains or transmits protected health information is lost or stolen, the incident should be immediately reported to the ETSU HIPAA Compliance Office and ETSU ITS so that appropriate action can be taken to mitigate the risk of harm to our patients' health information.

 

BUSINESS ASSOCIATES: Guidance on HIPAA & Business Associates 

 

OTHER RESOURCES

U.S. Department of Health & Human Services:  http://www.hhs.gov/hipaa/

HealthIT:  https://www.healthit.gov/

HIPAA Administrative Simplification Text of Combined Rules:  http://www.hhs.gov/sites/default/files/ocr/privacy/hipaa/administrative/combined/hipaa-simplification-201303.pdf

 

 

 

 

 

 

 

 

 

 

 

 

 

icon for left menu icon for right menu