HIPAA Privacy and Security Program

The Health Insurance Portability and Accountability Act (HIPAA) Compliance Program is part of Mount Sinai's robust Audit & Compliance Services Department. As such it furthers Mount Sinai's commitment to excellent patient care by striving to assure the privacy, security, accessibility and integrity of our patients', research subjects' and employees' protected health information (PHI).

The department oversees development of requisite privacy and security policies and associated forms, including a comprehensive Notice of Privacy Practices. It also investigates privacy and security complaints and breaches and provides regulatory guidance to hospital staff, full time faculty and voluntary medical staff regarding HIPAA- related issues. It develops and provides annual HIPAA refreshers and targeted training sessions as appropriate. It conducts both scheduled and ad hoc audits and a biannual security risk assessment to ensure that Mount Sinai complies with federal, state and local regulations as well as with institutional regulations.

Notice of Privacy Practices (NOPP)

Notice of Privacy Practices (NOPP) – English [PDF]
Notice of Privacy Practices (NOPP) – Off Site Practices [PDF]

Authorization to Disclose to Third Party

Authorization to Disclose to Third Party – English [PDF]
Authorization to Disclose to Third Party –  Spanish [PDF]

Patient Access Request

Patient Access Request – English [PDF]
Patient Access Request – Spanish [PDF]

Revocation of Authorization

Revocation of Authorization [PDF]

Request for Amendment

Request for Amendment [PDF]