Policies & Procedures

Policy Description PDF
Breach Notification - Notification of Protected Health Information (PHI) Breaches This policy describes the assessment of possible breaches of PHI and outlines the proper notification procedures aimed to mitigate harm when a breach is determined. PDF logo
Compliance Reporting, Inquiries and Investigations This policy reinforces participation in DHSU’s Compliance Program, requires all individuals to abide by its directives, including reporting concerns of non-compliance, and provides the framework for the inquiry, investigation and follow up of such reports. PDF logo
Compliance Training This policy outlines the Compliance Training requirements and follow up processes for SUNY Downstate Health Sciences University's workforce.  Currently under revision
Complying with the Deficit Reduction Act of 2005:  Detection & Prevention of Fraud, Waste & Abuse This policy provides information regarding Federal & State statutes pertaining to false claims and statements, whistleblower protections under these laws and DHSU's policies and procedures for detecting and preventing fraud, waste and abuse. PDF logo
HIPAA Compliance For Policies & Procedures relevant to UHD and UPB HIPAA Compliance, please visit the HIPAA Website.
Record Retention & Disposition Information regarding the retention and disposition of official records of the campuses of the State University of New York: 
SUNY System Policy
The following link outlines, by record type, the minimum retention requirements: 
SUNY System Schedule for Health Information