Skip to main content
Current Students Faculty/Staff myOKSTATE Directory
Quicklinks
/
Search
 Apply
Close

Search

DirectoryA-Z Site Index

Quicklinks

Logins

Academic Schedule

Places & Departments

Trending Now

About OSU Academics
Undergraduate Academics
Graduate and Professional Education
Online Programs
Admissions
Undergraduate Admissions
Graduate Admissions
Cost & AidStudent LifeResearch
About OSUAcademics
Undergraduate Academics
Graduate and Professional Education
Online Programs
Admissions
Undergraduate Admissions
Graduate Admissions
Cost & AidStudent LifeResearch Apply
Current Students Faculty/Staff myOKSTATE Directory

Search

DirectoryA-Z Site Index

Quicklinks

Logins

Academic Schedule

Places & Departments

Trending Now

Go back to top of page

HIPAA Privacy Notice

Health Insurance Portability and Accountability Act of 1996 (HIPAA)

In 1996, the Health Insurance Portability & Accountability Act ("HIPAA") was signed into law. Later on, the Department of Health and Human Servoces ("HHS") promulgated regulations to implement the requirements of the new law known as the Privacy Rule and Security Rule, respectively. As a hybrid entity, Oklahoma State University (OSU) must comply with the HIPAA Privacy and Security Regulations.
A major goal of the Privacy Rule is to assure that individuals' health information is properly protected while allowing the flow of health information needed to provide and promote high quality health care and to protect the public's health and well-being. The Privacy Regulations establish national standards regarding uses and disclosures of protected health information.

Hybrid Entity

Oklahoma State University (OSU) is a hybrid entity under HIPAA, designating certain units as healthcare components that must follow HIPAA rules. OSU’s designated healthcare components protect patient health information and comply with HIPAA security and privacy standards.

Matt Barnes
Security Officer

Barrett Hunter
Privacy Officer

OSU has designated the following as healthcare components:

  • University Health Services insofar as they treat patients who are not OSU students nor OSU employees whose records are maintained by the component in its capacity as an employer.
  • Human Resources for the following units:
    • Employee Benefits
  • College of Arts & Sciences for the following units:
    • Department of Communication Sciences and Disorders
    • Department of Psychology
  • College of Education & Human Sciences for the following units:
    • Counseling and Counseling Psychology Clinic
  • Al Carlozzi Counseling Center on the Tulsa Campus

OSU designates the following as business components:

  • Department of Information Technology insofar as they provide administrative services to healthcare components that would constitute the department a business associate if it was a separate legal entity.
  • Office of Internal Audits insofar as they provide administrative services to healthcare components that would constitute the department as a business associate if it was a separate legal entity.
  • Office of Legal Counsel insofar as they provide administrative services to healthcare components that would constitute the department as a business associate if it was a separate legal entity

HIPAA Training

All OSU faculty, staff, residents, students, volunteers, and affiliates of designated healthcare components are required to complete mandatory HIPAA training during onboarding and annually thereafter. The training is federally mandated.

  • To complete the training, log in to your OSU Talent Portal with your OKEY credentials. Navigate to "My community" and click on "Learning library" to search for the HIPAA course. This course is available for all employees.
  • If you have any questions regarding training, please contact Human Resources at 405.744.5449 or osu-trng@okstate.edu

Frequently Asked Questions (FAQs)

How do I report a HIPAA Incident?

To file a complaint, email chs.privacy@okstate.edu or file an anonymous complaint online at Ethics Point.

How do I determine if my data is considered HIPAA or not?

You can either:

1. Fill out the Regulated Data Consultation form, or

2. Email it.compliance@okstate.edu

A member of our team will reach out to you with further assistance.