Download PDF
Effective Date: April 10, 2017
Revised: March 11, 2025
Policy
HIPAA Policies for BU Health Plans Manual – Privacy and Security of Protected Health Information for BU Health Plans
Responsible Office Office of Healthcare Compliance and Health Information Privacy
Table of Contents
| Section | Name |
|---|---|
| HP Introduction | HIPAA and the Boston University Health Plans |
| Privacy and Security | |
| Policy Responsibility | |
| HP Policy 1 | Basics |
| HP Policy 2 | Individual Responsibilities for Safeguarding PHI |
| HP Policy 3 | Routine Use and Disclosure of PHI |
| HP Policy 4 | Non-Routine Uses and Disclosures of PHI without Authorization; Prohibited Uses |
| HP Policy 5 | Authorizations and When They are Necessary |
| HP Policy 6 | Individuals’ Rights under HIPAA |
| HP Policy 7 | Breaches |
| HP Policy 8 | Security Policy |
| HP Policy 9 | Definitions |
| HP Appendix | A: Contacts |
| HP Appendix | B: Employees within the BU Health Plans Firewall |
| HP Appendix | C. Boston University’s Certification regarding the Plan Documents |