SNAP was decommissioned at the end of May.

You will be redirected to the new site in 5 seconds. Please update your bookmarks to point to

SNAP : Health Insurance Portability and Accountability Act of 1996 (HIPAA)
Skip to Toolbar
Skip to Tabs
Skip to Search
Skip to Content
Health Insurance Portability and Accountability Act of 1996 (HIPAA)

Summary: HIPAA governs the privacy and security of protected health information.

UC is mandated to comply with the legal requirements governing the provision of health benefits, the delivery of and payment for healthcare services, and the security and confidentiality of individually identifiable, protected health information (PHI) in written, electronic, or oral formats collected by University employees in the course of patient care activities at:

  • the UC Irvine Medical Center and School of Medicine
  • the Student Health Center
  • the Counseling Center
  • other academic and service units that provide treatment, generate or use PHI, conduct electronic billing using PHI, or otherwise have access to such information in the course or scope of the work of the unit or the individual employee.

Privacy Rule

The Privacy Rule creates standards that protect a patient or member's medical records and personal health information and:

  1. Gives patients and plan members more control over their health information;
  2. Sets boundaries on the use and release of health records;
  3. Establishes appropriate safeguards that health care providers and others must achieve to protect the privacy of health information;
  4. Holds violators accountable and imposes civil and criminal penalties for violation of a patient's privacy rights;
  5. Strikes a balance when public responsibility requires disclosure of some forms of data (for example, to protect public health); and,
  6. Establishes a "federal floor" of safeguards. (State laws with stronger privacy protections take precedence over and above the HIPAA Privacy Rule.)

Privacy Rule Complaint Process

You may file a complaint if you believe that the University is not complying with applicable HIPAA requirements. Please identify the entity or individual that is the subject of the complaint and describe the activities believed to be in violation of the HIPAA rule. The complaint must be filed within 180 days of the activity. You will not be penalized for filing a complaint.
You may contact or file your complaint with any of the following offices: Information for filing an anonymous complaint consistent with the University of California Whistleblower Policy is available.

You may also access the following websites for further information:

Please call UCI Human Resources at (949) 824-5210 for questions regarding the HIPAA Privacy Rule.

Security Rule

Detailed information regarding the HIPAA Security Rule.

Need an expert? Contact Human Resources, (949) 824-5210.

Notice: Where the information presented in this document or elsewhere on this site is in conflict with University polices, procedures, or applicable collective bargaining agreements, the terms of those University policies, procedures and agreements shall govern.


Author: N/A Last published: N/A