Health Information Compliance Alert

Privacy:

KEEP PHI STRICTLY CONFIDENTIAL

Although it should be painfully obvious by now to all covered entities that protected health information has to be properly safeguarded, it never hurts to document the "dos and don'ts" of PHI disclosure - and that's exactly where Confidentiality Agreements come in.
 
Kathy Gilles, privacy officer at Evergreen Healthcare in Seattle, tells Eli that her organization has had a Confidentiality Agreement in place for a while, but says she was part of a team that considerably revamped it last year so that it could be implemented well in advance of the April privacy rule compliance deadline.

 "The purpose of the form is more than just to meet HIPAA requirements, but also to make sure that employees are aware that we do have the right to monitor what they're doing using our resources," Gilles explains. "We do have some Web filtering in place, so we have the ability to go in and look at what Web sites people have gone out and visited. The form is also intended to make people aware of that," she adds. Take a look on page 51 to see how Evergreen approaches PHI confidentiality with its staff.

Other Articles in this issue of

Health Information Compliance Alert

View All