Privacy/Confidentiality: Difference between revisions

Jump to navigation Jump to search
no edit summary
mNo edit summary
No edit summary
Line 78: Line 78:
== Definitions  ==
== Definitions  ==
===Affiliated Covered Entity (ACE)===
===Affiliated Covered Entity (ACE)===
Legally separate covered entities that are affiliated and designate themselves as a single covered entity for the purpose of HIPAA Compliance. Current ACE members are: The Nebraska Medical Center, UNMC Physicians, UNMC, University Dental Associates, Bellevue Medical Center and Nebraska Pediatric Practice, Inc. d/b/a Children’s Specialty Physicians. ACE membership may change from time to time. The Notice of Privacy Practices lists current ACE members. Access and amendment rights apply to designated record sets throughout the ACE.
Legally separate covered entities that designate themselves as a single covered entity for the purpose of HIPAA Compliance. Current ACE members are: The Nebraska Medical Center, UNMC Physicians, UNMC, University Dental Associates, Bellevue Medical Center and Nebraska Pediatric Practice, Inc. d/b/a Children’s Specialty Physicians. ACE membership may change from time to time. The Notice of Privacy Practices lists current ACE members.
===Business Associate===
===Business Associate===
A third party who performs services on behalf of Nebraska Medicine/UNMC that involve the creation, receipt, maintenance or transmission of PHI. Some examples of such services include claims processing, data analysis, data processing, practice management, utilization review, quality assurance, patient safety activities, billing, benefit management and repricing.
A third party who performs services on behalf of Nebraska Medicine/UNMC that involve the creation, receipt, maintenance or transmission of PHI in any form, even if PHI is not accessed. Some examples of such services include storage, including cloud storage, claims processing, data analysis, data processing, practice management, utilization review, quality assurance, patient safety activities, billing, benefit management and repricing.
===Designated Record Set (DRS)===
===Designated Record Set (DRS)===
Includes medical records and billing records about Individuals maintained by or for UNMC/ACE and any other record used by an ACE entity to make decisions about Individuals. Exact duplicates of records maintained by business associates are not considered part of the DRS. 
Includes medical records and billing records about Individuals maintained by or for UNMC/ACE and any other record used by the ACE to make decisions about Individuals.  
===Individual===
===Individual===
The person who is the subject of the PHI. Personal representatives of the patient have the same rights as the Individual under HIPAA (i.e., they “step into the shoes” of the Individual). Personal representatives include the legal guardian and anyone else authorized by law to act on behalf of the Individual. (See Nebraska Medicine Consents and Permits policy, MS14).
The person who is the subject of the PHI. Personal representatives of the patient have the same rights as the Individual under HIPAA (i.e., they “step into the shoes” of the Individual). Personal representatives include the legal guardian and anyone else authorized by law to act on behalf of the Individual. (See Nebraska Medicine Consents and Permits policy, MS14).
Line 103: Line 103:
'''''In addition for purposes of this policy.'''''
'''''In addition for purposes of this policy.'''''
===Information Security===
===Information Security===
The set of policies and practices designed to protect PHI from any unauthorized access, use, disclosure, modification, destruction or loss.
Policies and practices designed to control access and protect information from unauthorized access, alteration, destruction, loss or disclosure.
===Proprietary Information===
===Proprietary Information===
Information relating to Nebraska Medicine/UNMC business practices, including but not limited to financial statements, contracts, and business plans, employee records and meeting minutes.
Information relating to Nebraska Medicine/UNMC business practices, including but not limited to financial statements, contracts, and business plans, employee records and meeting minutes.

Navigation menu