Search300 Results

The Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA") established Federal standards for safeguarding the privacy of individually identifiable health information. HIPAA mandates rigorous compliance with the requirements for the use and/or disclosure of protected health information ("PHI").

The University of North Carolina at Chapel Hill (UNC-Chapel Hill) has established standards and safeguards to protect patient’s information and to ensure compliance with federal and state information security regulations.

All activities involving the collection of human biological specimens for research purposes, as well as the research use of specimens collected for clinical care, must be conducted under the terms of an IRB approved research protocol. The collection and use of human biological specimens (either identifiable or de-identified) must comply with all applicable laws and regulations for research involving human biological specimens or superseding requirements.

The Information Classification Standard gives a structure for the University's information. This structure helps us recognize the types of University Information we handle. It makes it easier to keep the information safe. This Standard considers the University's academic culture, which values sharing information. Classifying information the right way gives everyone at the University, at every level, a structure that supports their University activities.

This document describes who at the University of North Carolina at Chapel Hill appoints Information Security Liaisons and what those Information Security Liaisons do.

Policy that outlines Adams School of Dentistry workforce members with creating, storing, transmitting, accessing, or using any patient information in support of clinical or research purposes.

The privacy and confidentiality of personal information, including personal health information is addressed in a variety of state and federal regulations and University of North Carolina at Chapel Hill ("UNC-Chapel Hill") policies. This policy addresses the specific privacy obligations required by the Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA").

To describe minimum requirements for members of the University of North Carolina at Chapel Hill ("University" or "UNC-Chapel Hill") experiencing a concern that might indicate a Possible Information Security Incident. To specify Information Security Incident authority and role requirements for Information Security Incident Handlers and Information Security Liaisons.

The purpose of this procedure is to define a process for individuals to file a complaint if they suspect a potential violation of their own or some other person's rights regarding the privacy of health information under the Health Insurance Portability and Accountability Act of 1996, as modified by the Health Information Technology for Economic and Clinical Health Act of 2009 ("HIPAA").

This Standard provides a structure for the classification and handling of information developed under and in support of the University's Emergency Management Policy. This Standard is intended to apply specific and stringent handling and information control procedures and practices for Emergency Management Information, aligned with the University’s Information Classification Standard.

Some research designs may require the withholding of information from human subjects. Research involving deception or withholding of information must be reviewed by the IRB with common sense and sensitivity. The withholding of information by researchers is different from the practice of deception, in which researchers provide false or misleading information to subjects.

This standard defines the minimum security controls for Information Technology systems in use at UNC-Chapel Hill including personal and University-owned devices. Units within the University may apply stricter controls to protect information and systems in their areas of responsibility. The standard applies to each UNC-Chapel Hill Constituent, student, employee, or other for any covered system under their control.

All members of the University community who engage with any University information technology (including wireless or other networks) must adhere to this Acceptable Use Policy.

This SOP provides examples and procedures for the reporting of Promptly Reportable Information (PRI) to the University of North Carolina at Chapel Hill's Institutional Review Board.

Resources for information, consultation, and advice on biohazard control, decontamination procedures, and other aspects of laboratory and animal safety management