The Department of Integrity Services is seeking a vendor to perform a HIPAA Privacy Program Review to assess, document and prioritize compliance gaps related to University Health's compliance with the Health Insurance Portability and Accountability Act (HIPAA) Privacy Rule and the HITECH Act Breach Notification Rule. This assessment will provide clear direction on the steps that can bring the organization into compliance with the HIPAA Privacy Rule and provide a privacy framework consistent with University Health's operations. The vendor awarded this contract must provide a documented report that will include a presentation of this project background with all scope of services included in items 1 -10 below and their documented findings. This final report will be presented to University Health Leadership staff to provide compliance status, steps for corrected training, and ways to help Protect against reasonable (PHI) threats.
