Patient Privacy Investigations and Levels of Violation: Difference between revisions

140 bytes added , September 29

→‎Additional Information: updated Health Insurance Portability and Accountability Act of 1996 link 2x and HIPAA Security Rule link 2x

VisualWikitext

Afaylor

Bureaucrats, Administrators

1,735

edits

@@ Line 36: / Line 36: @@
 <big>'''Policy on Patient Privacy Investigations and Levels of Violation'''</big><br /><br />
 ==Purpose of Policy==
-Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] and the [https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule] outline considerations for the access control family of security controls.
+Nebraska Medicine/UNMC implements reasonable and appropriate access controls in alignment with National Institute of Standards and Technology (NIST) standards and guidance to maintain the minimum necessary access. [https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53] and the [https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html HIPAA Security Rule] outline considerations for the access control family of security controls.
 ==Policy==
-Nebraska Medicine/UNMC Workforce members shall report, and the [mailto:privacy@nebraskamed.com Privacy Office] shall investigate, suspected patient Privacy Incidents to ensure patient and employee/patient confidentiality is maintained and to help mitigate any adverse effects resulting from such incidents. Appropriate sanctions shall be consistently applied by Nebraska Medicine/UNMC for violations of patient privacy pursuant to the requirements of the [https://www.cdc.gov/phlp/publications/topic/hipaa.html Health Insurance Portability and Accountability Act of 1996 (HIPAA)].
+Nebraska Medicine/UNMC Workforce members shall report, and the [mailto:privacy@nebraskamed.com Privacy Office] shall investigate, suspected patient Privacy Incidents to ensure patient and employee/patient confidentiality is maintained and to help mitigate any adverse effects resulting from such incidents. Appropriate sanctions shall be consistently applied by Nebraska Medicine/UNMC for violations of patient privacy pursuant to the requirements of the [https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html Health Insurance Portability and Accountability Act of 1996 (HIPAA)].
 ==Procedures==
 #Suspected Privacy Incidents shall be reported to the Privacy Office immediately for further investigation.
@@ Line 102: / Line 102: @@
 Factors that may be considered in determining appropriate corrective action include, but are not limited to:
-#Whether the Workforce member’s conduct appears to be intentional or unintentional or inadvertant;
+#Whether the Workforce member’s conduct appears to be intentional or unintentional or inadvertent;
 #The magnitude of the violation, including the number of patients and the volume of PHI accessed or disclosed, keeping in mind that intentional unauthorized access, use or disclosure of even one patient’s PHI is an unacceptable breach to the affected patient;
 #Whether the conduct included an element of malice, or desire for personal or financial gain;
@@ Line 146: / Line 146: @@
 *Contact the [mailto:privacy@nebraskamed.com Privacy Officer] or the [mailto:privacy@nebraskamed.com Privacy Office] at 402-559-5136.
 *Contact [https://support.security.unmc.edu Office of Information Security] or 402-559-2545.
-*Contact [https://www.unmc.edu/human-resources/about/contact-hr.html Human Resources, Employee Relations], 402-559-7394, 402-559-8534 or 402-559-4371
+*Contact [https://www.unmc.edu/human-resources/about/index.html Human Resources, Employee Relations], 402-559-7394, 402-559-8534 or 402-559-4371
-*Contact Legal Services at _______________________  phone # and email(s)  (should this be UNMC or Nebraska medicine contacts? or both?)
+*Contact Legal Services at [mailto:Contracts@nebraskamed.com contracts@nebraskamed.com]
 *UNMC Policy No. 1098, [https://wiki.unmc.edu/index.php/Corrective/Disciplinary_Action Corrective and Disciplinary Action]
 *UNMC Policy No. 6045, [https://wiki.unmc.edu/index.php/Privacy/Confidentiality Privacy, Confidentiality and Security of Patient and Proprietary Information]
@@ Line 153: / Line 153: @@
 *UNMC Policy No. 6057, [https://wiki.unmc.edu/index.php/Use_and_Disclosure_of_Protected_Health_Information Use and Disclosure of Protected Health Information]
 *Nebraska Medicine Use and Disclosure of Protected Health Information policy, IM.12
-*[https://www.cdc.gov/phlp/publications/topic/hipaa.html Health Insurance Portability and Accountability Act of 1996 (HIPAA)]
+*[https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html Health Insurance Portability and Accountability Act of 1996 (HIPAA)]
 *[https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final NIST Special Publication 800-53]
-*[https://www.cdc.gov/phlp/publications/topic/hipaa.html#security-rule HIPAA Security Rule]
+*[https://www.cdc.gov/phlp/php/resources/health-insurance-portability-and-accountability-act-of-1996-hipaa.html HIPAA Security Rule]
-This page maintained by [mailto:dpanowic@unmc.edu dkp].
+This page maintained by [mailto:mhurlocker@unmc.edu mh].

Patient Privacy Investigations and Levels of Violation: Difference between revisions

Patient Privacy Investigations and Levels of Violation (view source)

Revision as of 13:50, September 29, 2025