1 107 Table of Contents 109 1327

Policy Manual sample

MDT Home Health Care Agency, Inc. CONFIDENTIALITY/PRIVACY OF PERSONAL HEALTH INFORMATION (PHI) POLICY: PURPOSE: To ensure that personal health information is protected so that individuals are not afraid to seek health care or to disclose sensitive information to health professionals. To ensure that our Agency transmits or shares data with external parties in compliance with local, state, and federal law or regulation. To also ensure that personal health information is protected during its collection, use, disclosure, storage and destruction within MDT Home Health Care Agency, Inc., (hereinafter "MDT Home Health Care Agency, Inc.") in accordance with the provisions of state and federal regulations. DEFINITIONS: Personal health information (PHI) means all information, recorded, written, electronic, telephone, cell phone communications, faxed or exchanged verbally about an identifiable individual that relates to: • The individual’s health, or health care history, including genetic information about the individual or the individual’s family. • Conduct or behavior which may be a result of illness or the effect of treatment. • The provision of healthcare to the individual. Individuals include co-workers or families of co-workers when they are patients of MDT Home Health Care Agency, Inc. • Payment for health care provided to the individual, and includes: The Personal Health Identification Number and any other identifying number, symbol or particular assigned to an individual, and any identifying information about the individual that is collected in the course of, and is incidental to, the provision of health care or payment for health care. • The patient’s personal information, including financial position, home conditions, domestic difficulties or any other private matters relating to the patient which have been disclosed to staff or persons associated with MDT Home Health Care Agency, Inc. Electronic PHI: shall mean PHI that is transmitted by or maintained in Electronic Media, and must be protected by password, encoding process, encryption, security backup maintained in secured protected area, under the responsibility of the Administrator or Designee. Compliance Officer - an employee, designated by MDT Home Health Care Agency, Inc., whose responsibilities include dealing with requests from individuals who wish to examine and copy or to correct personal health information collected and maintained by MDT Home Health Care Agency, Inc. and facilitating MDT Home Health Care Agency, Inc.’s compliance with applicable state and federal law. Persons Associated with MDT Home Health Care Agency, Inc.– includes all employees, and members of the Board of Directors of MDT Home Health Care Agency, Inc., contracted individuals, volunteers, students, information managers, or agents of any of the above. Home Health Agency Policies A-81

RkJQdWJsaXNoZXIy NTc3Njg2