HIPAA - Business Associate Agreements

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

It is expected that all UCSF staff, faculty, students and trainees understand that it is their legal and ethical responsibility to preserve and protect the privacy, confidentiality and security of all confidential information, both patient and non-patient related, in accordance with federal and state laws; and University policies and procedures.

All staff, faculty, students and trainees are expected to access, use and disclose confidential information only in the performance of their University duties or when required or permitted by law. Additionally, all staff, faculty, students and trainees must disclose information only to persons who have the right to receive that information.

UCSF is required to secure all access to stored and transmitted Protected Health Information (PHI).

Version Date: May 2018