Graduate Medical Education

HIPAA Memorandum

TO: All Medical Staff (Faculty, Residents) and Medical / Pharmacy Students
FR: A. Scioscia, MD, M. Savoia, MD, S. Huang, MD, C. Slaughter, D. Weissburg
RE: HIPAA Security Rule - Training Program on Information Security
For Electronic Protected Health Information (ePHI)

Federal HIPAA (Health Insurance Portability and Accountability Act) Security Laws require hospitals and providers to implement safeguards to protect electronic protected health information (ePHI) which is computer based, e.g., created, received, stored or maintained, processed and/or transmitted in electronic media. Electronic media includes networks, servers, computer workstations, dial-modems, web-sites, and portable media such as laptops, disks, PDAs, memory sticks. The Security Rule requires covered entities to document risk assessments and risk management plans and to update / implement information security policies. This effort is well underway for all of UCSD Health Sciences. Security training materials were developed in collaboration with the UC-Systemwide HIPAA Security Committee and will satisfy the federal Security Rule workforce training requirements. General reminders:

  • Mobile devices and laptops must be encrypted.

  • Use UCSDH's secure email system to send encrypted emails. Learn about email encryption here -

Page 'Breadcrumb' Navigation: