Topics Map > Office of Cybersecurity > Cyber Risk Management & Compliance > HIPAA M365 Controls

HIPAA M365 Controls - Domains approved for M365 auto-forwarding within Health Care Component

Auto-forwarding email to approved domains by users within the UW-Madison Health Care Component is permitted. The following domains are approved for auto-forwarding. This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Auto-forwarding to domains outside of the UW-Madison Health Care Component (HCC) and/or the UW-Madison Affiliated Covered Entity (ACE) is not permitted. Auto-forwarding between wisc.edu addresses and non-HCC / non-ACE domains creates the potential for HIPAA Privacy Rule violations.

This list is reviewed and approved periodically by the Office of Cybersecurity and Office of Compliance.

Domains approved for auto-forwarding within the UW-Madison Health Care Component:

all @wisc.edu subdomains that are part of UW-Madison's Microsoft365 tenant (such as medicine.wisc.edu, show.wisc.edu, clinicaltrials.wisc.edu, etc.)
athletics.wisc.edu
fammed.wisc.edu
hosp.wisc.edu
ortho.wisc.edu
rehab.wisc.edu
slh.wisc.edu
uwathletics.com
uwbadgers.com
uwhealth.org
uwhealthcaredirect.com
uwmf.wisc.edu

Keywords	HIPAA, Risk Analyst, Security Coordinator, auto-forward, Microsoft 365, M365, HCC, Health Care Component, HIPAA, M365 Controls Suggest keywords	Doc ID	93899
Owner	Patti H.	Group	Cybersecurity
Created	2019-08-15 12:23:37	Updated	2024-08-05 11:16:10
Sites	Office of Cybersecurity
Feedback	2 2 Comment Suggest a new document