2. Accessing patient’s information
• Access patient information as it pertains to
• the performance of your job
• Access the minimum amount of information
needed to do the job
• Do Not access information you DO NOT need
to complete the task
3. Systems Access
• Do not use clinical/business systems to look up
phone numbers or addresses of patients, coworkers,
friends, family, etc.
• Do not use the clinical/business systems to
access information to satisfy curiosity about a patient
or coworker such as age or birth date and such.
• Be especially careful with ALL PHI about other
employees. Employees have expressed many
concerns about the confidentiality of their PHI.
4. What is a breach of
confidentiality?
A breach of confidentiality is a disclosure to a
third party, without patient consent or court
order, of private information that the physician
has learned within the patient-physician
relationship. Disclosure can be oral or written, by
telephone or fax, or electronically, for example,
via e-mail or health information networks. The
medium is irrelevant, although special security
requirements may apply to the electronic transfer
of information.
5. Consequences for
breach of confidentiality?
• Dismissal/termination or loss of privileges
Civil or criminal penalties andsanctions,
including:
• Monetary fines
• Imprisonment
• Violation of HIPAA Privacy Rule may be
reported to the Federal Office for Civil Rights.
6. Exceptions to authorization
requirements
1. Medical emergencies
2. Reporting information on communicable
diseases to the Health Department
3. Reporting child abuse, spousal abuse or elder
adult abuse
4. Organ donation activities
5. Disclosures required or allowed by law
7. Who to Contact if Breach is suspected
• Your Supervisor/Manager
• Your Department Compliance Coordinator
• The Privacy Officer
• Information Security Officer
• Compliance hot-line 1-800-hot-line