HIPAA O365 Controls - Domains approved for O365 auto-forwarding within Health Care Component

Auto-forwarding email to approved domains by users within the UW-Madison Health Care Component is permitted. The following domains are approved for auto-forwarding. This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Auto-forwarding to domains outside of the UW-Madison Health Care Component (HCC) and/or the UW-Madison Affiliated Covered Entity (ACE) is not permitted. Auto-forwarding between wisc.edu addresses and non-HCC / non-ACE domains creates the potential for HIPAA Privacy Rule violations.

This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Domains approved for auto-forwarding within the UW-Madison Health Care Component:

  • all @wisc.edu subdomains that are part of UW-Madison's Office365 tenant (such as medicine.wisc.edu, show.wisc.edu, clinicaltrials.wisc.edu, etc.)
  • athletics.wisc.edu
  • fammed.wisc.edu
  • hosp.wisc.edu
  • ortho.wisc.edu
  • rehab.wisc.edu
  • slh.wisc.edu
  • uwathletics.com
  • uwbadgers.com
  • uwhealth.org
  • uwmf.wisc.edu




Keywords:HIPAA Risk Analyst Security Coordinator auto-forward Office365 O365 HCC Health Care Component HIPAA O365 Controls   Doc ID:93899
Owner:Peter V.Group:Office of Cybersecurity
Created:2019-08-15 13:23 CDTUpdated:2020-08-31 12:18 CDT
Sites:Cybersecurity Operations Center, DoIT Help Desk, DoIT Tech Store, IT Policy, My UW-Madison Portal, Network Services, Office 365, Office of Cybersecurity, Systems Engineering
Feedback:  0   1