HIPAA Website Logo


HIPAA Training Button

HIPAA Contracts Button
HIPAA Policies Button

HIPAA Facts Button

HIPAA & Research Button
HIPAA Compliance Concerns Button
HIPAA Security Update Button
HIPAA Home Button

In the fall of 2002, GW initiated a multi-phase effort to assess the impact of the Health Insurance Portability and Accountability Act (HIPAA). The privacy and security components of the HIPAA legislation impact the use, transmission, and storage of protected health information (PHI).

The assessment concluded that GW is not covered by the HIPAA regulations and, therefore, is not a covered entity. HIPAA does, however, indirectly impact the University through its relationships and affiliations with a number of covered entities, particularly its affiliations with The George Washington University Hospital and Medical Faculty Associates, Inc. These impacts are most directly realized in the area of human subjects research and the required protections regarding the use of protected health information (PHI) for research purposes.

Although not a covered entity under HIPAA, GW is committed to continuing to implement privacy and security best practices in order to ensure protections to its students, faculty, and staff, served by its non-medical clinics, and University services including Student Health Services and Human Resources and Benefits. Additionally, in the Medical Center and other clinical training programs, training and exposure to HIPAA requirements orient students to ethical and professional requirements of their future internships and professional opportunities.

In its ongoing efforts to ensure the implementation of privacy and security best practices, GW has instituted these activities:

  • Design and delivery of training for medical and health science students, clinicians, Institutional Review Board members and participants, and employees who may have access to Protected Health Information
  • Design and delivery of training specific to computer and information professionals regarding information security best practices and protections
  • Development of privacy policies and procedures for functions and departments that interact with health information
  • Development of supporting security policies, procedures and protections
  • Establishment of a GW Privacy Officer and Privacy Council to address privacy issues

This website provides links to internal and external information resources supporting GW's compliance with HIPAA regulations, privacy and security best practices.

For more information about University policies on Privacy and Confidentiality refer to The George Washington University Compliance Office.


© 2003-2012 The George Washington University