HIPAA O365 Controls - Domains approved for O365 auto-forwarding within Health Care Component

Auto-forwarding email to approved domains by users within the UW-Madison Health Care Component is permitted. The following domains are approved for auto-forwarding. This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Auto-forwarding to domains outside of the UW-Madison Health Care Component (HCC) and/or the UW-Madison Affiliated Covered Entity (ACE) is not permitted. Auto-forwarding between wisc.edu addresses and non-HCC / non-ACE domains creates the potential for HIPAA Privacy Rule violations.

This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Domains approved for auto-forwarding within the UW-Madison Health Care Component:

all @wisc.edu subdomains that are part of UW-Madison's Office365 tenant (such as medicine.wisc.edu, show.wisc.edu, clinicaltrials.wisc.edu, etc.)
athletics.wisc.edu
fammed.wisc.edu
hosp.wisc.edu
ortho.wisc.edu
rehab.wisc.edu
slh.wisc.edu
uwathletics.com
uwbadgers.com
uwhealth.org
uwmf.wisc.edu

Keywords:	HIPAA Risk Analyst Security Coordinator auto-forward Office365 O365 HCC Health Care Component HIPAA O365 Controls Suggest keywords	Doc ID:	93899
Owner:	Peter V.	Group:	Office of Cybersecurity
Created:	2019-08-15 13:23 CDT	Updated:	2020-08-31 12:18 CDT
Sites:	Cybersecurity Operations Center, DoIT Help Desk, DoIT Tech Store, IT Policy, My UW-Madison Portal, Network Services, Office 365, Office of Cybersecurity, Systems Engineering
Feedback:	0 1 Comment Suggest a new document