HIPAA and Compliance
This policy does not apply to health information contained within education records covered under the Federal Education Right and Privacy Act (“FERPA”).
The Compliance Plan (the "Compliance Plan" or “Plan”) is intended to demonstrate the HCC’s commitment to the highest standards of ethics and legal and regulatory compliance. The elements of the Plan generally include establishing compliance and practice standards to prevent erroneous or fraudulent conduct, communicating the standards to employees, responding to detected violations, enforcing disciplinary standards, developing open lines of communication, monitoring and auditing, and maintaining an environment that supports the Plan.
Who is subject to this policy?
- Montclair State University Audiology Clinic
- Center for Autism and Early Childhood Mental Health
- Jeffrey Dworkin Early Intervention Program
- University Health Center (UHC)
The University’s Privacy Officer is responsible for providing training and must ensure that all employees, agents and students within the healthcare components have completed the CITI Program - CITI Health Information Privacy and Security (HIPS).
Any healthcare component of the University that enters into a contract with a third party that will be provided access to PHI must sign a business associate agreement (“BAA”). The University’s form of BAA can be emailed upon request to email@example.com.