Identity

This policy covers the appropriate use of all information resources including computers, networks, and the information contained therein.

The University maintains lists of names, addresses, telephone numbers and electronic mail accounts of individuals and organizations of importance to the University. This Guide Memo sets forth policies concerning use of such University data and describes the major lists used to conduct the University's business.

This Guide Memo describes Stanford University's implementation of the Health Insurance Portability and Accountability Act of 1996 ("HIPAA") and its regulations ("Privacy Rule" and "Security Rule") governing the protection of identifiable health information by health care providers and health plans. The portions of Stanford University that are impacted by HIPAA include the Stanford University HIPAA Components and the Group Health Plan, defined in Sections 3 and 4, respectively.

This Guide Memo references Stanford University HIPAA Components policies on the University HIPAA website and the Group Health Plan HIPAA policies. The Group Health Plan maintains HIPAA policies and procedures in the Resource Library section of the Benefits website. These policies outline more specific rights of individuals regarding their protected health information ("PHI") as well as the operational and system requirements to comply with the Privacy and Security Rules.

Stanford University has an interest in ensuring that the privacy of its students, faculty, and staff is respected. The University is committed to protecting the privacy of Prohibited, Restricted and Confidential Information within its control in a manner consistent with applicable laws, regulations and University policies.