3.2
Health Insurance Portability and Accountability Act (HIPAA) HIPAA laws protect the privacy and security of a patient’s past, present, and future physical and mental health information otherwise known as Protected Health Information (PHI). COPC complies with HIPAA by using administrative, technical, and physical safeguards to protect the use, storage, transport, transmission, and disposal of a patient’s PHI in all formats. All patients receive a Notice of Privacy Practices that outlines how their PHI will be used and disclosed by COPC, and their rights related to PHI maintained by COPC. All COPC employees and physicians receive HIPAA education and training at the time of employment personal information. Also included is COPC financial data, marketing strategies, proprietary processes including those related to patient care, research and development strategies, pricing information, business and marketing plans, vendor information, software, databases, or any information The unintentional disclosure of confidential information can be just as harmful as intentional disclosure. To avoid this, never discuss with any unauthorized person any confidential information about a patient or about the Company. Never discuss confidential information, even if with authorized employees, if in the presence of others who are not authorized. If employees receive a request for confidential information, they should immediately refer the request to their Direct Supervisor or to a member of the Human Resources Department. Should an employee leave the Company, they may not disclose or misuse any confidential information at any time. As a condition of employment, employees must Confidentiality COPC takes the protection of confidential business information and/or trade secrets very seriously. To protect such information, employees may not disclose any confidential or proprietary information about the Company to any unauthorized individual. This includes, but is not limited to, disclosing confidential or proprietary Confidential information includes, but is not limited to, employment records, employee or patient information of any kind which may uniquely identify a person, computer processes, computer programs and codes, patient lists, patient preferences, and
information to any unauthorized individual via methods such as covert recordings, scanning or photocopying, including the use of any device which may be considered a “smartphone” for these purposes. This policy is not intended to restrict in any way, employees’ rights under the National Labor Relations Act (NLRA). concerning the creation, acquisition or disposition of products and services. Confidential information also includes any information considered to be the intellectual property of the Company. Intellectual property includes, but is not limited to, trade secrets, ideas, discoveries, writings, trademarks, and inventions developed throughout the course of employment with, and as a direct result of, job responsibilities with the Company. agree that all such information is the exclusive property of the Company and they will not at any time disclose to anyone, except in the responsible exercise of their job, any such information whether or not it has been designated specifically as “confidential”. Signing a separate confidentiality agreement further clarifying this policy at the Company’s request may be a condition of continued employment with COPC, should the Company deem it necessary for any reason. The unauthorized disclosure of confidential information belonging to the Company may subject employees to disciplinary action, up to and including termination of employment.
3.3
and annually thereafter. COPC takes the privacy and security of patient PHI very seriously and HIPAA violations are subject to disciplinary action, up to and including termination of employment. In addition, the Department of Health and Human Services Office of Civil Rights (OCR) oversees COPC’s enforcement of HIPAA. Depending on the severity of a HIPAA violation, OCR sanctions can include fines, penalties, and prison. Report all privacy and security violations to the COPC Compliance Officer or call the COPC Compliance Hotline at (866) 539-5813.
Page 26
Made with FlippingBook - professional solution for displaying marketing and sales documents online