Policies & Forms
ºÚÁÏÍø Health HIPAA Policies are Applicable to the ºÚÁÏÍø (ºÚÁÏÍø SOM)
Purpose
The ºÚÁÏÍø Health HIPAA policies have been prepared for the purpose of ensuring compliance with Sections 261 through 264 of the federal Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 (HIPAA), as modified in the Health Information Technology for Economic and Clinical Health Act (HITECH), and its implementing regulations at 45 CFR Parts 160 and 164, as the same may be amended from time to time (the HIPAA Security, Breach Notice, and Privacy Rules), all of which are collectively referred to herein as HIPAA.
Overview
Each ºÚÁÏÍø Health Affiliate is also independently a Covered Entity or a HIPAA covered component under HIPAA. ºÚÁÏÍø Health and the ºÚÁÏÍø SOM have designated themselves as an Affiliated Covered Entity (ACE), as sent forth in 45 CFR §§ 164.103 and 164.105(b), which means that they are considered a single Covered Entity for HIPAA compliance purposes. This designation allows the ºÚÁÏÍø Health ACE members to share a common set of HIPAA policies, procedures and forms, and also impacts the sharing of protected health information (PHI) among the members. The ºÚÁÏÍø SOM, as a member of the ºÚÁÏÍø Health ACE, has adopted the ºÚÁÏÍø Health HIPAA policies and procedures for the purposes of HIPAA compliance.
Throughout the ºÚÁÏÍø Health HIPAA policies and procedures, the members and affiliates of ºÚÁÏÍø Health are sometimes collectively referred to as ºÚÁÏÍø Health entities. Some members or affiliates of ºÚÁÏÍø Health are agencies of the State of North Carolina or its subdivisions, but others are not. Use of the ºÚÁÏÍø Health entity term of reference in no way relates to, implies, or designates a member or affiliate of ºÚÁÏÍø Health as an agency of the State of North Carolina or its subdivisions pursuant to N.C. Gen. Stat. § 116-37 or any other applicable law. The term is solely used for convenience.