UW-Madison - Policy Portfolio - Privacy
The Privacy policy portfolio includes policies related to privacy practices, for example, information collection, information sharing, permission for release of information, etc.
Privacy addresses the protection of privacy in an IT environment. The cybersecurity-related policies in this portfolio are mapped to the NIST SP 800-53 control families.
Policies
Faculty Senate - Access to Faculty and Staff Electronic Files Policy
HIPAA (on compliance.wisc.edu)
- 2.1 Notice of Privacy Practices (NPP)
- 3.2 Uses and Disclosures of Protected Health Information That Require Patient Authorization
- 3.3 Uses and Disclosures of PHI Not Requiring Patient Authorization
- 3.4 Uses and Disclosures of PHI That Require Providing Patient with an Opportunity to Agree or Object
- 3.5 Uses and Disclosures of Protected Health Information for Education and Training
- 3.6 Uses and Disclosures of Protected Health Information for Marketing
- 3.7 Uses and Disclosures of Protected Health Information for Fundraising
- 3.8 Minimum Necessary Standard
- 3.9 Verifying Identity and Authority of Persons Seeking Disclosure of a Patient's PHI
- 3.10 Designated Record Set
- 3.11 Sale of Protected Health Information Generally Prohibited
- 5.1 De-identification of Protected Health Information Under the HIPAA Privacy Rule
- 5.2 Creation of a Limited Data Set Under the HIPAA Privacy Rule
- 7.1 Requests by Patients for an Accounting of Certain Disclosures
- 7.2 Requests by Patients to Amend Protected Health Information
- 7.3 Requests by Patients for Alternative Confidential Communications
- 7.4 Requests by Patients for Access to Inspect and Obtain a Copy of Protected Health Information
- 7.5 Requests by Patients for Restrictions on Uses and Disclosures of Protected Health Information
- 8.5 Security of Faxed, Printed, and Copied Documents Containing Protected Health Information
- 8.6 Email Communication Involving Protected Health Information
- 10.1 Complaints Under the HIPAA Privacy Rule
IT Policy - Collection of Personal Identity Information via Email
UW-Madison IT Professionals - Guidelines, Best Practices, and Advice (on it.wisc.edu)
UW System - 25-3 Acceptable Use of Information Technology Resources (privacy and security provisions) (on wisconsin.edu)
Related Documents
IT Policy-related
- FERPA Description
- HIPAA Descrption
- Non-UW-Madison Applications and Services Guidelines (main entry: Acquisition and Development)