HIPAA Privacy & Security

Mount Sinai’s Health Insurance Portability and Accountability Act (HIPAA), Privacy, and Security Compliance Program assures the privacy, security, accessibility, and integrity of each patient’s, research subject’s, and employee’s Protected Health Information (PHI).

Privacy & Security Policies and Procedures
HIPAA specialists develop comprehensive privacy and security policies and observe activities throughout the Health System to ensure that best practices are followed.

Investigations / Regulatory Reporting
Privacy and security complaints and alleged breaches are analyzed and regulatory guidance is provided to Mount Sinai individuals and business associates regarding HIPAA-related issues, as needed.  Mount Sinai also conducts scheduled and ad hoc audits, as well as security risk assessments, to confirm that federal, state, and local regulations, as well as institutional standards are all upheld.

Privacy & Security Education
HIPAA education is provided annually and specialized training sessions are provided as appropriate.

Notice of Privacy Practices (NOPP)

Notice of Privacy Practices (NOPP) – English [PDF]
Notice of Privacy Practices (NOPP) – Off Site Practices [PDF]

Authorization to Disclose to Third Party

Authorization to Disclose to Third Party – English [PDF]
Authorization to Disclose to Third Party –  Spanish [PDF]

Patient Access Request

Patient Access Request – English [PDF]
Patient Access Request – Spanish [PDF]

Revocation of Authorization

Revocation of Authorization [PDF]

Request for Amendment

Request for Amendment [PDF]

Request for Medical Records

Request for Medical Records [PDF]