The following information will help guide you through your confidentiality questions as well as information on the UCLA Release of Information website.

Privacy and Security Guide for UCLA Workforce

• Office of the Governor Press Release re: AB211 & SB541 (09/30/08)
• A Health Care Provider's Guide To the HIPAA Privacy Rule
• A Patient's Guide To the HIPAA Privacy Rule
  

UCLA Health System Privacy Policies

Patient Privacy Rights

• HS 9401  Protection of Confidential Patient Information (Protected Health Information (PHI))
• HS 9410  Registration: Terms and Conditions of Service
• HS 9411  Notice of Privacy Practices
• HS 9412  Authorization for Use/Disclose of Protected Health Information (PHI)
• HS 9413  Patient Access to Protected Health Information (PHI)
• HS 9414  Request for Special Restrictions on Use/ Disclosure of (PHI)
• HS 9415  Request for Amendment of Protected Health Information (PHI)
• HS 9416  Request for Accounting of Disclosures
• HS 9417  Management of Patient / Family / Visitor Complaints and Grievances

PHI Management

• HS 9421  Employee Access to and Use of Protected Health Information (PHI) (Minimum Necessary Standard)
• HS 9422  Disclosure of Protected Health Information to Third Parties

Privacy-Compliance

• HS 9430 Business Associates 
• HS 9460  Privacy and Information Security Training
• HS 9490  Mitigation Policy

Visitor Policy

• Clinical Observers and Shadowers
  • For access to the forms and/or addendums listed in the policy, please contact LilyZhang@mednet.ucla.edu

Privacy-Marketing, Fundraising & Media Relations

• HS 9470  Use of PHI for Marketing Purposes
• HS 9471  Use of PHI for Fundraising
• HS 9472  Permissible Disclosures of PHI to the Public and the Media

Research

• HS 9440  Release of PHI for Research Purposes

UCLA Health System Information Security Policies

• HS 9450  Information Security
• HS 9451  Use of Electronic Information by UCLA Health Workforce (Employees)
• HS 9452  User Accounts (Authorizing Access to Restricted Information; Passwords)
  • HS 9452 - Health Sciences Administrative Access Standard
  • HS 9452 - Health Sciences Multifactor Authentication Standard
• HS 9453-A  Use of Electronic Mail (Email)
• HS 9453-A Health Sciences Email Standard
• HS 9453-B  Facsimile Transmission of Restricted Information
• HS 9453-C  Device and Removable Media Encryption
  
  • HS 9453-C Health Sciences Device Encryption Standard
• HS 9453-D  Remote Access
  • HS 9453-D Health Sciences Remote Access Standard
• HS 9454  Requests to Interface or Download Restricted Information
• HS 9455  Security Assessment and Management
• HS 9456  Physical Security of Restricted Information
• HS 9457  Minimum Security Standards for Network Devices
  • Health Sciences Data-in-Motion Standard
  • Health Sciences Data and System Integrity Standard
• HS 9458  Backup and Contigency Plans (Disaster Recovery)
• HS 9459  Privacy and Information Security Incident Reporting
• HS 9461  Privacy and Information Security Sanction Policy
• HS 9462  Privacy and Information Security Monitoring and Auditing
• HS 9462 Health Sciences Privacy and Information Security Auditing and Monitoring Standard