HIPAA Policy - PROTECTED HEALTH INFORMATION (PHI) CONFIDENTIALITY STATEMENT
Terms and Conditions
Examples of Misuse
Accessing confidential information that is not within the scope of your duties
- Unauthorized reading of patient account information
- Unauthorized reading of a patient's claim
- Unauthorized access of personnel file information
- Accessing information that you do not "need-to-know" for the proper execution of your duties.
Misusing, disclosing without proper authorization, or altering confidential information:
- Making unauthorized marks on a patient's claim
- Making unauthorized changes to a personnel file
- Sharing or reproducing information in a patient claim or a personnel file with unauthorized personnel
- Discussing confidential information in a public area such as a waiting room or elevator.
Disclosing to another person your sign-on code and/or password for accessing electronic confidential information or for physical access to restricted areas
- Telling a co-worker your password so that he or she can log in to your work or access your work area
- Telling an unauthorized person the access codes for personnel files, patient accounts, or restricted areas.
Using another person's sign-on code and/or password for accessing electronic confidential information or for physical access to restricted areas
- Using a co-worker's password to log in to the MCCF computer system or access their work area
- Unauthorized use of a login code for access to personnel files, patient accounts, or restricted areas
Intentional or negligent mishandling or destruction of confidential information
- Leaving confidential information in areas outside of your work area, such as the breakroom or your home.
- Disposing of confidential information in a non-approved container, such as a trash can.
Leaving a secured application unattended while signed on
- Being away from your desk while you are logged into an application.
- Allowing a co-worker to use your secured application for which he or she does not have access after you have logged in.
Attempting to access a secured application or restricted area without proper authorization or for purposes other than official MCCF business
- Trying passwords and login codes to gain access to an unauthorized area of the computer system or restricted area
- Using a co-worker's application for which you do not have access after he or she is logged in.
The examples above are only a few types of mishandling of confidential information. If you have any questions about the handling, use or disclosure of confidential information please contact your supervisor, manager, or director.