The Health Insurance Portability and Accountability Act (HIPAA) requires health care providers to assure patient confidentiality and other patient rights. This resource assists Ryan White grantees, their contractors, and subgrantees in complying with these requirements.
Agencies that collect client data, either on paper or electronically, are responsible for protecting the data. Data security is defined by Public Health Data Standards as “physical, technological, or administrative safeguards or tools used to protect identifiable health information from unwarranted access or disclosure."
Data security entails attention to security and also requires attention to protecting the privacy of client information in accordance with HIPAA and other requirements. Ryan White data collection systems use the eUCI (Unique Client Identifier), an algorithm that meets the highest privacy and security standards.
Resources 8
Resources
- HRSA HIV/AIDS Bureau (HAB)
- HRSA HIV/AIDS Bureau (HAB), Data Integration, Systems and Quality (DISQ) TeamThe encrypted Unique Client Identifier (eUCI) and its application in RWHAP data systems.
- Data Integration, Systems and Quality (DISQ) Team
Tools to walk users through some common functions associated with preparing and submitting the RSR.
- NASTAD
Tools for Ryan White HIV/AIDS Program (RWHAP) Part B Programs and AIDS Drug Assistance Programs (ADAPs) in accessing various data sources and developing DSAs with entities.
- Hartford Department of Health and Human Services
Sample agreement submitted via the CAREWare listserv.
- Hartford Department of Health and Human Services
Sample user agreement submitted via the CAREWare listserv.
Webinars
- Data Integration, Systems and Quality (DISQ) Team
This series of videos covers the fundamental concepts behind the Ryan White Services Report (RSR) for new and experienced grantees.
- Data Integration, Systems and Quality (DISQ) TeamOverview of responsibilities of RWHAP grant recipients regarding data security.