The Health Information Privacy & Compliance Office is responsible for ensuring that individually identifiable health information is handled appropriately across the entire University.

An Update with University Privacy Coordinators

The Office of Health Information Privacy and Compliance held a meeting for University privacy coordinators.

Training Update

Data privacy and security training are now in ULearn.

University of Washington Medicine Settles Potential Violation of HIPAA for $750,000

The protected health information of 90,000 individuals was accessed after an employee downloaded an e-mail attachment containing malicious malware. To settle charges of violations of the HIPAA security rule, UW agreed to pay $750,000, institute a corrective action plan, and submit annual compliance reports moving forward.

Stolen laptop Containing Medical Images Leads to $850,000 Settlement for Lahey Hospital

A laptop stolen from an unlocked treatment room led to an investigation of Lahey Hospital by the U.S. Department of Health and Human Services. The investigation revealed widespread non-compliance with the HIPAA rules, resulting in a $850,000 settlement.