Policy 1601 Information Access and Security
Procedure 1601 PR.3 Access Control for Protected Health Information (PHI)
Policy 1609 Media Control
Procedure 1609 PR.01 Disposal of Media Containing Confidential or Protected Health Information
Policy 1610 Systems and Network Security Policy
Procedure 1610 PR.01 Systems and Network Security
Procedure 1610 PR.02 Disposal of Obsolete Computers and Peripherals
Procedure 1610 PR.05 Device Security Standards
Guide 1610 GD.01 Selecting Good Passwords
Policy 5001 Notice of Privacy Practices
Policy 5001A Notice of Privacy Practices - Group Health Plan
Procedure 5001 Notice of Privacy Practices
Procedure 5001 PR1 Notice of Privacy Practices - Group Health Plan
Form 5001 Notice of Privacy Practices - Group Health Plan
Form 5001 Notice of Privacy Practices - Yale Health
Form 5001 Notice of Privacy Practices - Yale Psychology Department Clinic
Form 5001 Notice of Privacy Practices - Yale School of Medicine - Spanish
Form 5001 Notice of Privacy Practices - Yale School of Medicine and Nursing
Form 5001 Notice of Privacy Practices - Yale School of Medicine - Display Notice
Form 5001 Notice of Privacy Practices - Yale School of Medicine - Display Notice - Spanish
NOPP Acknowledgement with Consent for Treatment - Yale School of Medicine
NOPP Acknowledgement with Consent for Treatment - Yale School of Medicine - Spanish
Policy 5002 Right to Request Access and Amendment to Designated Record Set
Procedure 5002B Right to Request Access and Amendment
Form 5002 Request Access to PHI in the Designated Record Set
Form 5002 Request Access to PHI in the Designated Record Set-Chinese
Form 5002 Request Access to PHI in the Designated Record Set-Japanese
Form 5002 Request Access to PHI in the Designated Record Set-Korean
Form 5002 Request Amendment of PHI Retained in Designated Record Set
Form 5002 Request Amendment of PHI Retained in Designated Record Set - Yale Health
Form 5002 Solicitación para acceso a PHI retenida en el expediente designado-Spanish
Form 5002 Solicitación para enmienda de la PHI retenida en el expediente designado
Fees for Record Requests
Designated Record Set
Policy 5003 Accounting for Disclosures
Procedure 5003 PR.1 Accounting for Disclosures
Form 5003 Accounting for Disclosure Log Spreadsheet
Form 5003 Accounting of Disclosures Log
Form 5003 Cuenta de Revelaciones
Form 5003 Request for Accounting of Disclosures of Protected Health Information
Form 5003 Response for Accounting of Disclosures
Form 5003 Solicitación para una Cuenta de Revelaciones de la Información de Salud Protegida (PHI)
Policy 5004 Request Restrictions or Confidential Communications
Procedure 5004 PR.1 Request Restrictions or Confidential Communications
Form 5004 Request Confidential Communications - Yale Health
Form for Preferred Communication Methods
Form 5004 Request Confidential Communications - Spanish
Form 5004 Request Confidential Communications -Yale Medicine
Form 5004 Request Restrictions- Opt out of CareEverywhere
Form 5004 Requestion Restrictions- Opt out of CareEverywhere - Spanish
Form 5004 Request Restrictions on Uses and Disclosures of PHI Yale Medicine
Form 5004 Request Restrictions on Uses and Disclosures of PHI - Spanish
Form 5004 Request Restrictions on Uses and Disclosures of PHI - Yale Health
Policy 5005 Reporting Incidents Involving the Security or Privacy of Protected Health Information; Breach Notification
Procedure 5005 PR1 Reporting Incidents Involving the Security or Privacy of Protected Health Information;Breach Notification
5020 Disciplinary Policy for Violations of the Privacy or Security of Protected Health Information
Policy 5026 Reporting Protected Health Information (PHI) Compliance Issues
Policy 5031 Authorization Requirements for Use and Disclosure of Protected Health Information, Including Verification of Identification
Procedure 5031 Authorization Requirements for Use and Disclosure of Protected Health Information, Including Verification of Identification
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information – Yale Health
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information – YSM
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information-Chinese
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information-Japanese
Form 5031 Authorization Form for Use and Disclosure of Protected Health Information-Korean
Form 5031 Autorización para el Uso o la Revelación de Información-Spanish
5031 FR Case Study Authorization
Form 5031 Consent for Media Photographs and Interviews
Form 5031 Designation of Patient Spokesperson -Yale Medicine
Form 5031 Designation of Patient Spokesperson - Spanish
Form 5031 Designation of Patient Spokesperson - Yale Health
Form 5031 Release for Research
Exhibit 5031 Authorization Checklist
Policy 5032 Use and Disclosure of Protected Health Information for Research Purposes
Procedure 5032 Determining Whether “Human Subject Research” Activity Involves Use/Disclosure of “Protected Health Information”
Form 5032 Compound Authorizations
Form 5032 Request for Access to Protected Health Information for Research Purpose
Form 5032 Request for Waiver of HIPAA Authorization for Research Use/Disclosure
Form 5032 Research Authorization (RAF)
Form 5032 Research Authorization (RAF) - Autorización para Hacer Investigación
Form 5032 Research Authorization Short Form - Albanian
Form 5032 Research Authorization Short Form - Amharic
Form 5032 Research Authorization Short Form - Arabic
Form 5032 Research Authorization Short Form - Bengali
Form 5032 Research Authorization Short Form - Bosnian
Form 5032 Research Authorization Short Form - Cantonese
Form 5032 Research Authorization Short Form - Chinese
Form 5032 Research Authorization Short Form - Czech
Form 5032 Research Authorization Short Form - English
Form 5032 Research Authorization Short Form - French
Form 5032 Research Authorization Short Form - Georgian
Form 5032 Research Authorization Short Form - Greek
Form 5032 Research Authorization Short Form - Gujarati
Form 5032 Research Authorization Short Form - Haitian Creole
Form 5032 Research Authorization Short Form - Hebrew
Form 5032 Research Authorization Short Form - Hindi
Form 5032 Research Authorization Short Form - Italian
Form 5032 Research Authorization Short Form - Korean
Form 5032 Research Authorization Short Form - Polish
Form 5032 Research Authorization Short Form - Portuguese
Form 5032 Research Authorization Short Form - Punjabi
Form 5032 Research Authorization Short Form - Russian
Form 5032 Research Authorization Short Form - Sinhalese
Form 5032 Research Authorization Short Form - Spanish
Form 5032 Research Authorization Short Form - Tagalog
Form 5032 Research Authorization Short Form - Tamil
Form 5032 Research Authorization Short Form - Thai
Form 5032 Research Authorization Short Form - Turkish
Form 5032 Research Authorization Short Form - Ukranian
Form 5032 Research Authorization Short Form - Urdu
Form 5032 Research Authorization Short Form - Vietnamese
Form 5032 Research Authorization Short Form - Yiddish
Release for Research
Providing Access to Protected Health Information for a Research Purpose
Policy 5033 Disclosure of PHI to Business Associates
Procedure 5033 Disclosure of PHI to Business Associates
Form 5033 Disclosure of PHI to Business Associates Tracking Form
Flow Chart for Determining a Business Associate
Policy 5034 Uses and Disclosures of PHI for Marketing
Procedure 5034 Uses and Disclosures of PHI for Marketing
Policy 5035 Uses and Disclosures of PHI for Fundraising
Procedure 5035 Uses and Disclosures of PHI for Fundraising
Fundraising FAQ Guidance
Policy 5036 Transmission and Receipt of Protected Health Information via Fax
Procedure 5036 Transmission and Receipt of Protected Health Information via Fax
Fax Confidentiality Statement
Fax Cover Sheet – Yale School of Medicine
Policy 5037 Minimum Necessary Uses, Disclosures, and Requests
Procedure 5037 Minimum Necessary Uses, Disclosures, and Requests
Exhibit A - General Role Based Access Protocol and Criteria
Exhibit B – Routine or Recurring Disclosures Protocol and Criteria
Exhibit C – Minimum Necessary Criteria for Non Routine Disclosure/Request
Policy 5038 Personal Representatives
Procedure 5038 Personal Representatives
Policy 5039 Use and Disclosure of De-Identified Information and of Limited Data Sets
Procedure 5039 Use and Disclosure of De-Identified Information and of Limited Data Sets
Form 5039 Data Use Agreement - For Yale Internal Research Uses
Exhibit A - De-Identified Data Information
Exhibit B – Limited Data Set Information
Policy 5040 Uses and Disclosures of Genetic Information for Underwriting Purposes
Policy 5100 Electronic Protected Health Information (ephi) Security Compliance: HIPAA Security Anchor Policy
Exhibit A - Criticality & Recovery Preparedness: ePHI Systems
Policy 5111 Physical Security
Procedure 5111 PR1 Physical Facility Security Plan for University and ITS Data Centers
Procedure 5111 PR2 Physical Access and Environmental Supports to Protected Health Information
Policy 5123 Electronic Communication of Health Related Information (Email, Voice Mail and other Electronic Messaging Systems)
Form 5123 Designation of Contact Information
Policy 5142 Information System Activity Review
Procedure 5142 PR1 Information System Activity Review (ISAR)
Policy 5143 IT Security Incident Response Policy