Eli's Rehab Report

Published on Fri Jun 17, 2011 PDF

Don't assume your non-medical staff or associates won't see confidential data.

Not all your practice's visitors are there for therapy. Some will have incidental access to your patient records -- whether it's by giving demonstrations of new products and services, cleaning up after hours, or using your space for related services.

Before any more non-authorized personnel enter your non-public areas, make sure they both understand your definition of confidential information and promise to protect its integrity. Use this sample confidentiality agreement, created by Kelley Meeusen, compliance officer for Harrison Hospital in Bremerton, WA, as a guide to creating a contract that keeps your patients' info private.

Access and Confidentiality Agreement

As an employee or contract personnel at [Practice], you may have access to confidential information. The purpose of this agreement is to help you understand your duty and responsibilities regarding confidential information.

The violation of any of the following duties will subject you to discipline, which may include, but is not limited to, termination of employment or [Practice] affiliation and to legal liability. You make the following agreement with [Practice]:

1. I will use confidential information only as needed to perform my legitimate duties as an associate of [Practice].

This means:

a. I will only access confidential information for which I have a need to know.

b. I will not in any way divulge, copy, release, sell, loan, review, alter or destroy any confidential information except as properly authorized within the scope of my approved activities.

c. I will not misuse or be careless with confidential information.

2. I will report any improper action taken by another [Practice] associate that may compromise the integrity of confidential information.

3. I understand that my obligations under this Agreement will continue after termination of my employment or affiliation. I understand that my privileges to access and use confidential information hereunder are subject to periodic review, revision and if appropriate, renewal.

4. I understand that I have no right or ownership interest in any confidential information referred to in this Agreement.

5. My username/password is equivalent to my legal signature and I will not disclose this information to anyone or allow anyone to access the system using my username/password.

6. I am responsible and accountable for all entries made and all retrievals accessed with my username/password, even if such action was made by another due to my intentional or negligent act or omission. Any data available to me will be treated as confidential information.

7. I will not attempt to learn or use another employee's username/password.

8. I will not access any computer system using a username/password other than my own.

9. If I have reason to believe that the confidentiality of my username/password has been compromised, I will immediately change my password and notify management staff.

10. I will not leave a secured computer application unattended while signed on.

11. I will comply with all policies and procedures and other rules of [Practice] relating to confidentiality of information and username/passwords.

12. I understand that my use of the system will be periodically monitored to ensure compliance with this agreement.

Signature: ______________________________________

Date: ______________