The University of Wisconsin-Madison is committed to protecting the privacy and security of health information, as mandated by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), and as amended by the Health Information Technology for Economic and Clinical Health Act of 2009 (“HITECH”). HIPAA and HITECH establish national standards for protecting the privacy and security of health information and define specific rights for individuals with respect to their health information. Individually identifiable health information that is created or received by a health care provider that is covered by HIPAA qualifies as protected health information (“PHI”) and is subject to the rules and regulations of HIPAA.
UW-Madison’s HIPAA Privacy and Security Compliance Program is overseen by two committees: the HIPAA Privacy and Security Operations Committee and the HIPAA Privacy and Security Executive Board. The Operations Committee supports the Program by integrating all the UW-Madison units within the Health Care Component under one committee structure to ensure, facilitate and monitor HIPAA privacy and security and evaluate the quality, effectiveness, and efficiency of the Program. The Executive Board has overall responsibility for the oversight of the Program and provides adequate resources and authority for the successful administration of the Program.