HIPAA Privacy Office General Information
What is HIPAA?
The Health Insurance Portability and Accountability Act (HIPAA) of 1996, is a Federal Regulation dealing with health records. The purpose of the Act is to ensure the privacy and security of Protected Health Information (PHI) with regard to patient records and research subject data. As an employer, healthcare practitioner and researcher, CMU is committed to protecting its employees, patients and subjects within our community.
Reporting HIPAA Incidents
All suspected HIPAA Incidents must be reported in a timely manner. You can report a HIPAA Incident or Complaint to:
The above contacts are the preferred method to report a HIPAA Incident; however, you may also report to a Supervisor or Manager in accordance with HIPAA Policy 12-4. Refer also to the CMU HIPAA Contacts tab on this webpage.
- HIPAA Privacy Office, or
- A HIPAA Representative, or
- CMU Ethics Hotline, or
- Call (confidential) at 1-866-294-9379
Contracts/Agreements that involve HIPAA Protected Health Information
If you are working on a contract/agreement that may involve Protected Health Information (PHI), then the contract may require a HIPAA Business Associate Agreement (BAA). Contact the HIPAA Privacy Office to assure that HIPAA regulatory requirements are met.
The HIPAA Privacy Office Team
Karen Haskin, MSA, RHIT, CHCO, OHCC - HIPAA Privacy Officer
Jamie Madrigal, MSA - HIPAA Coordinator