The University of Iowa College of Dentistry and Dental Clinics logoLink to University of Iowa home pageLink to College of Dentistry and Dental Clinics home page

  college of dentistry mission graphic

Policies and Procedures

Acceptable Use of Information Technology:  To ensure a highly robust, continuously available, fair, and effective environment that serves the University's computing needs, institutional and external standards for acceptable use must be applied. Each individual user must therefore comply with institutional and external standards for acceptable use of these shared resources.

Administrator Rights:  This policy applies to the College of Dentistry's policy on administrator accounts on College of Dentistry computers.

Apple Computer Support Policy:  This policy applies to the College of Dentistry’s support of Apple computer products.

Audit Control Policy:  This policy applies to the College of Dentistry’s policy on auditing PHI.

AxiUm Auto Logout Policy:  The purpose of this policy is to ensure that College of Dentistry's Protected Health Information (PHI) is protected from unauthorized access by users leaving workstations unattended with axiUm running.

Backup Policy:  This policy applies to the College of Dentistry’s policy on backup of network storage space and PHI.

Breach of PHI - Incident Report:  This form is to be used to document any breach of protected health information that is reported involving the College of Dentistry, its clinics and its patients.

Breach of PHI - Process:  These procedures apply to the College of Dentistry's protocol for documenting, investigating and reporting breaches in protected health information.

Cloud Storage Policy:  This policy applies to all College of Dentistry faculty and staff using a cloud based service to store institutional data.

College of Dentistry Acceptable Use of Information Technology:  This policy applies to the College of Dentistry’s Acceptable Use of Information Technology.

College of Dentistry Email Policy: The College of Dentistry uses email services supported by University ITS, and follows University acceptable use policy and procedures.

Computer Inventory & Purchasing Policy:  This policy applies to the College of Dentistry’s protocol for purchasing and inventory of computer equipment and peripherals.

Computer Wiping Policy:  This policy applies to the College of Dentistry’s policy on wiping computer hard drives.

Consent to Release Health Information:  This policy applies to the College of Dentistry’s (COD) protocol for requesting the copies of patient records.

De-identification of PHI Policy:  This policy applies to the College of Dentistry’s protocol for de-identification of PHI.

Digital Camera or Other Device Data Protection Policy:  This policy applies to the College of Dentistry’s protocol on storage media used in digital cameras, cell phones and all other devices used to capture patient photographs. Digital radiology images are not included in this policy as they are stored in our PACS system.

Disposal of Protected Patient Information (PHI):  This policy applies to the College of Dentistry's policy on how to dispose of protected patient information (PHI).

Documentation of HIPAA Compliance:  This policy applies to the College of Dentistry’s protocol for documentation of HIPAA compliance.

Encryption of Protected Health Information (PHI): This policy applies to the College of Dentistry’s protocol to encrypt Protected Health Information (PHI).  See the encryption instructions for Windows and Macs.

Granting Access to PHI Policy:  This policy applies to the College of Dentistry’s policy on how COD employees are granted access PHI, specifically axiUm and MiPacs.

Home Computer Policy:  This policy applies to the College of Dentistry's Procedures for supporting home computers..

Non-COD PHI Access Policy:  This policy applies to the College of Dentistry’s policy on how non COD employees access COD PHI data, specifically axium and MiPacs.

PHI Patient Access Policy:  This policy applies to the College of Dentistry’s policy on how COD employees can access patient records in the Oral Health Information System.

Procedures for Computing Products:  This policy applies to the College of Dentistry's Procedures for Computing Products.

Remote PHI Access Policy:  This policy applies to the College of Dentistry’s policy on accessing PHI from off campus.

Requests for Records Copies:  This policy applies to the College of Dentistry's (COD) protocol for requesting the copies of patient records.

Requests to Amend Patient Records:  This policy applies to the College of Dentistry’s (COD) protocol for accepting and responding to requests for amending information contained in patient records.

Required Disclosures:  This policy applies to scenarios when the College of Dentistry is required by HIPAA to disclose patient records.

Right to an Accounting of Disclosures:  This policy applies to a patient’s right to an accounting of disclosures of protected health information.

Risk Assessment Policy:  This policy applies to the College of Dentistry’s policy on conducting Security Risk Assessments.

Server Room Access Policy:  This policy applies to the College of Dentistry’s policy on access to the server room and environmental controls.

University IT Policies and Procedures:  the official location of IT Policies that govern our institution in the use of information technology resources.

Vendor Supplied Hardware & Software Policy:  This policy applies to the College of Dentistry’s policy on vendor supplied systems, including hardware and software.

Workstation Access Method Policy:  This policy applies to the College of Dentistry’s policy on how COD employees access COD computers.