Administrative Functions
- Administrative Aspects of HIPAA (BAs, Marketing, Fundraising) FAQ
- Business Associates
- Business Office Responsibilities for HIPAA Security
- Fundraising Q&A
- HIPAA and the Benefits Office
- HIPAA Glossary & Terms
- HIPAA Incident Reporting Form
- List of Covered Departments
- Visiting Clinical Observers
Guidance Related to Patients and Research Participants
- 21st Century Cures Act FAQ
- AVS (After Visit Summary) Best Practices
- Breach Prevention: What You Need to Know About HIPAA
- Case Reports and Patient Privacy
- Communication with Family, Friends, and Others Involved in Care
- Confirmation of Return or Destruction of Health Information Received in Error
- Disability Paperwork Process
- De-identification guidance (video)
- Epic Reports/JDAT
- Guidance on Photos, Video and Audio Recording in Clinical Areas
- Guidance on Identity Verification
- Guidance on managing patients involved with the Connecticut Department of Children and Families
- Guidance on Withdrawal of Authorization for Research Uses and Disclosures
- HIPAA and Patient Care FAQ
- HIPAA Authorization Checklist
- MyChart Flyers
- Information Blocking
- Patient Rights Under HIPAA FAQ
- Patient Spokesperson FAQ
Patient Forms
- Notice of Privacy Practices
- Patient Rights Forms
- Designated Patient Spokesperson
Security
- Administrative Rights FAQs
- Cloud Services FAQs
- Data Classification
- Encryption
- Epic FAQ
- How to find your NetID
- Security Policy Exception Request FAQ
- Selecting Good Passwords Guidance
Training
- Guidance on HIPAA Training Requirements for Sponsored Identities
- HIPAA Privacy and Security Training and Yale University HIPAA Security Attestation
- De-Identification Training