Policy Manual sample

MDT Home Health Care Agency, Inc. subject of the information, and the protected health information pertains to the relationship; and < The disclosure is for a quality-related health care operations activity or for the purpose of health care fraud and abuse detection or compliance. PROTECTION OF RECORDS/HIPAA COMPLIANCE Specific bylaws governing the protection of records are as follows: (a) All records (patient files, personnel files, administrative files) shall be filed under a generally accepted principle of HIPAA filing. (b) Every file shall be filed in a file cabinet, or room setup for them with locked door. (c) All file cabinets (if applicable) shall be protected and be equipped with a lock system, and keys to the cabinets shall be accessible only to designated staff personnel. (d) A file movement register shall be maintained to monitor the movement of files. Such a register shall have columns showing the date, time, number of file, name of staff removing file from the cabinet, date/time returned and signature of staff making entry. (e) No information regarding any aspect of contents of office files shall be released to any person who is not a staff member of this agency without prior approval from the Administrator or the Director of Nursing, Clinical Manager. (f)In relation to patient clinical records, no such information concerning those records shall be released to any person without the written consent of the patient concerned. (g) On no account shall information on any protected record be released to anyone over the telephone. (h) All records of this agency shall remain a jealously guarded secret of this agency. This is the language of the medical profession. (i) Electronic PHI must be protected by password, encoding process, encryption, security backup maintained in secured protected area, under the responsibility of the Administrator or Designee. The execution of a Personal Health Information Pledge of Confidentiality ("Confidentiality Pledge") attached hereto as Appendix A-1 is required as a condition of employment or contract or association or appointment with MDT Home Health Care Agency, Inc. All MDT Home Health Care Agency, Inc. employees and Persons Associated with MDT Home Health Care Agency, Inc. shall sign the Confidentiality Pledge at the commencement of their relationship with MDT Home Health Care Agency, Inc. The Confidentiality Pledge shall also be signed each time there is a substantial change in an individual’s position, as determined by the department, program or division responsible for the individual. Discretion is also available to require a re-signing of a Confidentiality. Unauthorized use or disclosure of confidential information shall result in a disciplinary response up to and including termination of employment or contract or association or appointment. A person convicted of an offense may be required to pay a fine as provided by law. A confirmed breach of confidentiality may be reported to the individual’s professional regulatory body. All individuals who become aware of a possible breach of the security or confidentiality of personal health information shall follow the procedures outlined below. Home Health Agency Policies A-84