Privacy

Welcome to Compliance Privacy

UT Health San Antonio’s Institutional Compliance and Privacy Office is committed to protecting the medical and sensitive information of its patients, workforce members, and community. UT Health San Antonio adheres to the Health Insurance Portability and Accountability Act (HIPAA) and is dedicated to safeguarding Protected Health Information (PHI).

The goal of the Privacy Program is to promote privacy awareness across the institution and ensure that all workforce members have the training, tools, and resources needed to protect confidential information, report privacy concerns, and seek guidance from the Institutional Compliance and Privacy Office when necessary.

Privacy Program Scope

The Privacy Program is responsible for monitoring compliance with applicable federal and state privacy laws and regulations, including HIPAA and Texas privacy laws. The program oversees the identification, investigation, and reporting of potential privacy violations to appropriate regulatory agencies, as required.

The Institutional Compliance and Privacy Office serves as a resource for privacy-related questions, provides education and training to the workforce, and investigates all reported privacy incidents. Additionally, the program tracks, analyzes, and reports on privacy compliance activities and develops training initiatives and risk mitigation strategies to strengthen the protection of sensitive information across the organization.

Examples of Our Activities

Develop and maintain privacy policies, procedures, and guidelines for UT Health San Antonio
Educate workforce members on patient privacy laws, regulations, and institutional policies
Respond to privacy-related questions from patients and workforce members
Investigate potential privacy incidents and breaches
Monitor and evaluate access to electronic medical records to ensure appropriate use
Facilitate regulatory breach reporting, when required

Patient Privacy Rights

The regulations under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) protect the privacy and security of individuals’ identifiable health information and establish important rights for patients regarding their health information.

At UT Health San Antonio, patients have the right to:

Receive a notice of UT Health San Antonio’s privacy practices
Inspect and obtain a copy of the health information maintained about them
Request an amendment to their medical record if they believe information is inaccurate or incomplete
Request an accounting of certain disclosures of their health information
Request restrictions on the use or disclosure of their health information
Request confidential communications in a specific manner or at a specific location

Notice of Privacy Practices
In accordance with HIPAA, UT Health San Antonio is required by law to inform patients of their privacy rights and how their health information may be used and disclosed.

The UT Health San Antonio Notice of Privacy Practices explains how medical information may be used and disclosed, as well as how patients can access their information.

If you have questions about this Notice or believe your privacy rights have been violated, you may contact the Institutional Compliance & Privacy Office.

UT Health San Antonio
Institutional Compliance & Privacy Office
7703 Floyd Curl Drive, MS 7861
San Antonio, TX 78229
Email: compliance@uthscsa.edu
Phone: 210-567-2014
Fax: 210-567-9285

Report Compliance Concerns online at: UT Health San Antonio | Institutional Compliance and Privacy Office
Right to Inspect and Obtain Protected Health Information (PHI)
Patients have the right to inspect and obtain a copy of their health information, subject to certain exceptions. To request access to your records, please visit the Health Information Management (HIM) department’s medical records request webpage:
https://uthscsa.edu/physicians/patients-and-families/records-request
Right to Request an Amendment to Your Medical Record
If you believe information in your medical record is inaccurate or incomplete, you have the right to request an amendment. Requests may be denied under certain circumstances.
To submit an amendment request, please visit the Health Information Management (HIM) department’s webpage:
https://uthscsa.edu/physicians/patients-and-families/records-request
Right to an Accounting of Disclosures
Patients may request an accounting of certain disclosures of their health information made during the previous six (6) years. Disclosures related to treatment, payment, healthcare operations, or those authorized by the patient are generally excluded.
Requests can be submitted through the Health Information Management (HIM) department’s webpage at https://uthscsa.edu/physicians/patients-and-families/records-request.
Right to Request Restrictions on Use or Disclosure of PHI
Patients may request restrictions on how their health information is used or disclosed for treatment, payment, or healthcare operations. While UT Health San Antonio is not required to agree to all requests, it will comply when required by law, including certain situations involving services paid fully out-of-pocket.
Instructions for submitting a restriction request are available through Health Information Management (HIM) department’s webpage at https://uthscsa.edu/physicians/patients-and-families/records-request.
Right to Request Confidential Communications
Patients have the right to request that communications regarding their health information be provided in a specific way (e.g., mailed to an alternate address or communicated via a preferred method). UT Health San Antonio will accommodate reasonable requests when feasible.
Details on how to submit these requests can be found in the Notice of Privacy Practices or through the Health Information Management (HIM) department’s webpage at https://uthscsa.edu/physicians/patients-and-families/records-request.

RESOURCES

Notice of Privacy Practices (English)

Notice of Privacy Practices (Spanish)

Non-Discrimination Notice

Health Records Request

Contact Us

If you have any concerns related to the privacy of your protected health information, please call the Institutional Compliance and Privacy Office at (210) 567-2014. You may also call our anonymous Compliance Hotline at (877) 507-7317 or report online at http://uthscsa.edu/ReportNow.