What is HIPAA?

​​HIPAA, the Health Insurance Portability and Accountability Act of 1996, is a Federal Regulation dealing with health records. The purpose of the Act is to ensure the privacy and security of Protected Health Information (PHI) with regard to patient records and research subject data. As an employer, healthcare practitioner and researcher, CMU is committed to protecting its employees, patients and subjects within our community.

Who is affected?
The CMU HIPAA Task Force has placed CMU students, faculty, and staff into one or more of the levels shown to the right.

Level 1

General CMU Community Health Care Consumers
Individuals at this level are encouraged to review the        HIPAA Basic Training-HIPAA 101 Powerpoint presentation..

Level 2
Departments within the Hybrid Entity:
- Accounts Receivable
- Compensation & Benefits
- Employee Relations
- Faculty Personnel
- General Counsel
- Internal Audit
Level 3
Covered Entities
- Student Health Services
- Self-insured Health Plans
- Counseling Center
- CDO: Speech & Hearing Clinics

Individuals at levels 2 and 3 are required to take various training.