What is HIPAA

HIPAA, the Health Insurance Portability and Accountability Act, is a federal law to protect a patient's health information and the patient's rights over their records. HIPAA information can not be disclosed and follows tight security controls. Violating these controls can result in heavy fines, lawsuits, and criminal penalties. 

Any health data that can identify an individual or disclose information about an individual's health should be treated as HIPAA-protected until deemed otherwise by the institute's GRC or legal team.

COC systems do not store HIPAA classified data, so any need to work with HIPAA data must go to OIT systems to ensure a proper environment.