Health Insurance Portability and Accountability Act Overview (HIPAA)

Morehouse School of Medicine and Morehouse Healthcare, Inc., collectively referred to as “MSM,” are committed to protecting the privacy and security of protected health information (“PHI”). MSM will treat as PHI any individually identifiable health information collected from an individual, whether oral or recorded in any form or medium that is created or received by it that relates to an individual’s past, present, or future physical or mental health or condition, an individual’s health care, or past present or future payment of health care.  The protection of PHI is governed under the federal law by the Health Insurance Portability and Accountability Act of 1996 (“HIPAA”).   

HIPAA provides certain rights to individuals regarding their PHI and imposes obligations upon MSM to maintain such PHI. It sets forth standards for the protection of PHI in any form or medium under the Privacy Rule and under the Security Rule with respect to the maintenance of administrative, technical and physical safeguards designed to protect the confidentiality, integrity and availability of electronic PHI (“ePHI”). These requirements apply to all medical staff, faculty, staff, residents, interns, students, agents and consultants, and other individuals (“Workforce Members”) involved in the collection, maintenance, use, or disclosure of PHI at MSM.  The scope extends to but is not limited to uses or disclosures in connection with the following activities: 

  • Research
  • Marketing
  • Fundraising
  • Disclosures to third parties
  • Sensitive PHI (i.e. genetic or mental health information, HIV-related information, and alcohol or drug  abuse related information)

Under HIPAA, information that identifies an individual or any information that taken together or used with other information that could enable someone to determine an individual’s identity must be protected from unauthorized use or disclosure. Identifiable information includes information such as an individual’s name, address, date of birth, social security number, medical records number, health plan beneficiary number, phone number, email address, IP address, driver’s license number, or full-face photographic images.

If you have any questions or complaints about MSM HIPAA and privacy practices please contact the MSM Privacy Officer at 1-888-756-1364 or in writing at 720 Westview Dr. SW, Atlanta, GA 30310.  Additional information on HIPAA can be found under the MSM HIPAA policies via MSM Connect and through the resources below.