Patient Privacy Investigations and Levels of Violation: Difference between revisions

Jump to navigation Jump to search

Patient Privacy Investigations and Levels of Violation (view source)

Revision as of 09:09, October 6, 2020

234 bytes removed ,  October 6, 2020
no edit summary
VisualWikitext
mNo edit summary
No edit summary
Line 35: Line 35:
<big>'''Policy on Patient Privacy Investigations and Levels of Violation'''</big><br /><br />
<big>'''Policy on Patient Privacy Investigations and Levels of Violation'''</big><br /><br />
==Purpose of Policy==
==Purpose of Policy==
The University of Nebraska Medical Center (UNMC) takes protecting personal or confidential information including, but not limited to, electronic protected health information, education records, and cardholder data that the organization creates, uses, discloses, transmits or stores (collectively, “protected information”) extremely seriously. Our goal is to reach a level of security awareness that reduces the risk of improper access to, or use or disclosure of, protected information.   
The University of Nebraska Medical Center (UNMC) takes protecting protected health information extremely seriously. Our goal is to ensure consistent investigation of, and to apply consistent sanction to impermissible uses or disclosures of protected health information.   
==Policy==
==Policy==
UNMC Workforce Members shall report, and the Privacy Office shall consistently investigate, suspected patient privacy incidents to ensure patient and employee/patient confidentiality is maintained and to mitigate any adverse effects resulting from such incidents. Consistent sanctions shall be applied by UNMC for violations of patient privacy pursuant to the requirements of the Health Insurance Portability and Accountability Act (HIPAA).
UNMC Workforce Members shall report, and the Privacy Office shall consistently investigate, suspected patient privacy incidents to ensure patient and employee/patient confidentiality is maintained and to mitigate any adverse effects resulting from such incidents. Consistent sanctions shall be applied by UNMC for violations of patient privacy pursuant to the requirements of the Health Insurance Portability and Accountability Act (HIPAA).
Line 92: Line 92:
#The magnitude of the violation, including the number of patients and the volume of PHI accessed or disclosed, keeping in mind that intentional improper access of even one patient is a significant breach to the affected patient;
#The magnitude of the violation, including the number of patients and the volume of PHI accessed or disclosed, keeping in mind that intentional improper access of even one patient is a significant breach to the affected patient;
#Whether the conduct included an element of malice, or desire for personal or financial gain;
#Whether the conduct included an element of malice, or desire for personal or financial gain;
#The risk of reputational, financial or other harm to the victim(s) or Nebraska Medicine;
#The risk of reputational, financial or other harm to the victim(s) or UNMC;
#Whether the Workforce Member has committed prior privacy violations; and
#Whether the Workforce Member has committed prior privacy violations; and
#The Workforce Member’s conduct and cooperation during the investigation.
#The Workforce Member’s conduct and cooperation during the investigation.
Retrieved from "https://wiki.unmc.edu/index.php/Special:MobileDiff/11850"

Navigation menu