PEAO
Policy Number
110
Contact
ryenney@spscc.edu
Steward
Executive Assistant to Vice President of Finance and Operations
Effective Date
16 Aug 2016
Last Reviewed Date
05 Dec 2023
Purpose
The purpose of this policy is to assure the College's compliance with HIPAA and to safeguard protected health information (PHI).
Applies to:
All employees, students, and volunteers who have or who might have access to protected health information.
Content
Section Title
Policy
Section Content
Content
This policy addresses the confidentiality and safeguarding of individually identifiable health information transmitted or maintained in any form or medium by South Puget Sound Community College in accordance with the Health Information Portability and Accountability Act (HIPAA).
South Puget Sound Community College is designated as a hybrid entity, meaning it conducts both covered and non-covered functions. The Campus Dental Clinic located within the dental assisting program is the healthcare component that generates Protected Health Information (PHI). The college’s Business Office and Information Technology (IT) department perform functions that support the Dental Clinic and must comply with HIPAA to the extent they create, receive, maintain, or transmit PHI on behalf of the Dental Clinic.
In order to assure compliance with HIPAA the College maintains the following roles:
HIPAA Compliance Officer - The College's Risk Manager, VP of Administration
HIPAA Privacy Officer - Director of the Dental Department
HIPAA Security Officer - Chief Information Security Officer