Systemwide Human Resources

HIPAA Portal

Welcome to the Systemwide HIPAA Portal. This site is designed for HIPAA Privacy and Security Representatives at CSU campuses, including Information Security Officers (ISO).

The California State University is mandated by federal law to comply with the federal Standards for Privacy and Security of physical and electronic Individually Identifiable Health Information under Title II of the Health Insurance Portability and Accountability Act of 1996 (known as HIPAA), as amended by the Health Information Technology for Economic and Clinical Health (HITECH) Act (Title XIII, Subtitle D of the American Recovery and Reinvestment Act of 2009).

The HIPAA Privacy Rule requires appropriate safeguards to protect the privacy of personal health information (PHI), including individual medical records and sets limits and conditions on the uses and disclosures that may be made of such information. At the CSU, the HIPAA Privacy Rule is enforced by the CSU HIPAA Privacy Official within Human Resources Management (HRM), in the Chancellor's Office:

CSU HIPAA Privacy Official:
Michelle Hamilton
CSU Office of the Chancellor, Human Resources Management
401 Golden Shore, Long Beach, CA 90802
Phone: (562) 951-4413 or (562) 951-4411
Facsimile: (562) 951-4954
E-mail: mhamilton@calstate.edu

The HIPAA Security Rule requires covered entities to maintain reasonable and appropriate administrative, technical, and physical safeguards for protecting electronic PHI (e-PHI). At the CSU, the HIPAA Security Rule is enforced by the Chief Information Security Officer at the Chancellor's Office, who also serves a dual role as the CSU HIPAA Security Official:

CSU HIPAA Security Official:
William Perry

CSU Office of the Chancellor, Information Security Office
401 Golden Shore, Long Beach, CA 90802
(562) 951-4638
Facsimile: (562) 951-4391
E-mail: wperry@calstate.edu

If a breach of physical PHI or ePHI occurs, it must be reported immediately upon discovery to the CSU HIPAA Privacy and CSU HIPAA Security Officials listed above, in addition to the campus Information Security Officer (ISO).

For additional information regarding HIPAA, as amended by HITECH, please refer to the links listed under HIPAA Resources.