There are four parts to HIPAA’s Administrative Simplification:
- Electronic transactions and code sets standards requirements
- Privacy requirements
- Security requirements
- National identifier requirements
HIPAA & Research
The HIPAA Privacy Rule contains provisions that apply to research involving the use or disclosure of Protected Health Information (PHI). PHI is health information that is individually identifiable.
PHI may be used for research through several mechanisms- read more about HIPAA & Research
HIPAA: Designated Record Set
HIPAA allows patients to request access to (and if they’d like, to obtain a copy of) what is called the Designated Record Set (DRS). This is all of the information held by OHSU that we use to make decisions about patients. The lists below are posted to help people understand what is included in the DRS.
Designated Record Set
A patient's Health Record, which includes;
Questions or ConcernsIf you have an information privacy or security question or concern:
Patients: contact the HIPAA/Information Privacy & Security line at 503-494-0219
Employees: E-mail HIPAA / Information Privacy & Security questions and concerns to email@example.com or contact the office directly at 503-494-0219.