Health Information Compliance Alert

Published on Thu May 01, 2008 PDF

Protect your organization's PHI from sales pitches.

Before another vendor enters your non-public areas, make sure they both understand your definition of confidential information and promise to protect its integrity. Use this sample agreement, created by Kelley Meeusen, compliance officer for Bremerton, WA's Harrison Hospital, as a guide to creating a contract that works for your organization.

As an employee or contract personnel at [Organization], you may have access to confidential information. The purpose of this agreement is to help you understand your duty and responsibilities regarding confidential information.

The violation of any of the following duties will subject you to discipline, which may include, but is not limited to, termination of employment or [Organization] affiliation and to legal liability. You make the following agreement with [Organization]:

1. I will use confidential information only as needed to perform my legitimate duties as an [Organization] associate.

This means:

a. I will only access confidential information for which I have a need to know.

b. I will not in any way divulge, copy, release, sell, loan, review, alter or destroy any confidential information except as properly authorized within the scope of my approved activities.

c. I will not misuse or be careless with confidential information.

2. I will report any improper action taken by another [Organization] associate that may compromise the integrity of confidential information.

3. I understand that my obligations under this Agreement will continue after termination of my employment or affiliation. I understand that my privileges to access and use confidential information hereunder are subject to periodic review, revision and if appropriate, renewal.

4. I understand that I have no right or ownership interest in any confidential information referred to in this Agreement

5. My username/password is equivalent to my LEGAL SIGNATURE and I will not disclose this information to anyone or allow anyone to access the system using my username/password.

6. I am responsible and accountable for all entries made and all retrievals accessed with my username/password, even if such action was made by another due to my intentional or negligent act or omission. Any data available to me will be treated as confidential information.

7. I will not attempt to learn or use another employee's username/password.

8. I will not access any computer system using a username/password other than my own.

9. If I have reason to believe that the confidentiality of my username/password has been compromised, I will immediately change my password and notify the Information Systems Help Desk.

10. I will not leave a secured computer application unattended while signed on.

11. I will comply with all policies and procedures and other rules of [Organization] relating to confidentiality of information and username/passwords.

12. I understand that my use of the system will be periodically monitored to ensure compliance with this agreement.

Signature: _______________________________________________ Date:__________________________