HIPAA at UT

The Health Insurance Portability and Accountability Act of 1996 (HIPAA) is a federal law that sets national standards to protect the privacy and security of individuals’ health information. It also gives individuals certain rights over their health data.

A group of medical students watch as one practices using a technique on an instructor.

The University of Tennessee is considered a hybrid entity under HIPAA, meaning it carries out both covered and non-covered functions. This designation allows the university to limit how HIPAA rules apply across our operations, while still ensuring full compliance where required.

When protected health information (PHI) must be shared with external parties, such as vendors or service providers, the university uses a Business Associate Agreement to ensure that those parties follow the same federal standards for safeguarding information.

To support our compliance efforts, the UT System has appointed dedicated HIPAA privacy and security officers. Contact information and helpful resources are provided below.

Contact Us

Have questions about HIPAA privacy, research use of PHI or need to report a potential compliance issue? Contact our HIPAA officers below for expert guidance.

Shauna Jennings

HIPAA Privacy Officer

shauna.jennings@tennessee.edu

615-667-6687

William Snodgrass Tennessee Tower
Nashville, TN 37243

Matt Williams

HIPAA Security Officer

mwilliams@tennessee.edu

865-974-7529

2309 Kingston Pike
Kingston Pike Building 01, Room 111

HIPAA at UT

HIPAA Resources

Contact Us

Shauna Jennings

Matt Williams

About the UT System

For UT Employees

Campuses & Institutes