HIPAA Compliance Documents

Compliance Plan & administrative documents

The goal of the Indiana University HIPAA Privacy & Security Compliance Plan is to provide a structure that promotes understanding and compliance with the HIPAA Privacy & Security Rules, related provisions of the HITECH Act, and applicable Indiana privacy and security laws.

Below you will find links to documents that support IU's committment to compliance with HIPAA.

HIPAA administrative requirements

The HIPAA Privacy Rule requires a covered entity to implement specific administrative requirements. These requirements include:

  • Designate a privacy and security officer
  • Hybrid covered entities must document designation - see the Designation Statement
  • Develop and make available policies and procedures

Privacy Policies, Procedures and Guidance

Indiana University has developed HIPAA Privacy policies, procedures and guidance documents as required under the HIPAA Privacy Rule.
HIPAA Security Rule Procedure: