257
edits
Privacy/Confidentiality: Difference between revisions
Jump to navigation
Jump to search
no edit summary
Mhurlocker (talk | contribs) mNo edit summary |
Mhurlocker (talk | contribs) No edit summary |
||
| Line 78: | Line 78: | ||
== Definitions == | == Definitions == | ||
===Affiliated Covered Entity (ACE)=== | ===Affiliated Covered Entity (ACE)=== | ||
Legally separate covered entities that | Legally separate covered entities that designate themselves as a single covered entity for the purpose of HIPAA Compliance. Current ACE members are: The Nebraska Medical Center, UNMC Physicians, UNMC, University Dental Associates, Bellevue Medical Center and Nebraska Pediatric Practice, Inc. d/b/a Children’s Specialty Physicians. ACE membership may change from time to time. The Notice of Privacy Practices lists current ACE members. | ||
===Business Associate=== | ===Business Associate=== | ||
A third party who performs services on behalf of Nebraska Medicine/UNMC that involve the creation, receipt, maintenance or transmission of PHI. Some examples of such services include claims processing, data analysis, data processing, practice management, utilization review, quality assurance, patient safety activities, billing, benefit management and repricing. | A third party who performs services on behalf of Nebraska Medicine/UNMC that involve the creation, receipt, maintenance or transmission of PHI in any form, even if PHI is not accessed. Some examples of such services include storage, including cloud storage, claims processing, data analysis, data processing, practice management, utilization review, quality assurance, patient safety activities, billing, benefit management and repricing. | ||
===Designated Record Set (DRS)=== | ===Designated Record Set (DRS)=== | ||
Includes medical records and billing records about Individuals maintained by or for UNMC/ACE and any other record used by | Includes medical records and billing records about Individuals maintained by or for UNMC/ACE and any other record used by the ACE to make decisions about Individuals. | ||
===Individual=== | ===Individual=== | ||
The person who is the subject of the PHI. Personal representatives of the patient have the same rights as the Individual under HIPAA (i.e., they “step into the shoes” of the Individual). Personal representatives include the legal guardian and anyone else authorized by law to act on behalf of the Individual. (See Nebraska Medicine Consents and Permits policy, MS14). | The person who is the subject of the PHI. Personal representatives of the patient have the same rights as the Individual under HIPAA (i.e., they “step into the shoes” of the Individual). Personal representatives include the legal guardian and anyone else authorized by law to act on behalf of the Individual. (See Nebraska Medicine Consents and Permits policy, MS14). | ||
| Line 103: | Line 103: | ||
'''''In addition for purposes of this policy.''''' | '''''In addition for purposes of this policy.''''' | ||
===Information Security=== | ===Information Security=== | ||
Policies and practices designed to control access and protect information from unauthorized access, alteration, destruction, loss or disclosure. | |||
===Proprietary Information=== | ===Proprietary Information=== | ||
Information relating to Nebraska Medicine/UNMC business practices, including but not limited to financial statements, contracts, and business plans, employee records and meeting minutes. | Information relating to Nebraska Medicine/UNMC business practices, including but not limited to financial statements, contracts, and business plans, employee records and meeting minutes. | ||