Confidentiality: Dos and Don’ts For Employees and Volunteers

Regarding Verbal Communication

• Patient information should not be discussed where others can overhear the conversation, e.g. in hallways, on elevators, in the cafeterias, on the shuttle buses, on public transportation, at restaurants, at social events. It is not OK to discuss clinical information in public areas even if a patient's name is not used. This can raise doubts with patients and visitors about our respect for their privacy.

• Dictation of patient information should occur in locations where others cannot overhear.  Back to Top

Regarding Written Information

• Confidential papers, reports, and computer printouts should be kept in a secure place.

• Confidential papers should be picked up as soon as possible from copiers, mail boxes, conference room tables, and other publicly accessible locations.

• Confidential paper should be appropriately disposed of, e.g. torn or shredded, when they are no longer needed. Back to Top

Regarding Employee and Volunteer Conduct

• Employees with access to information about patients, employees, or business matters may only obtain information that is necessary for job performance. Regardless of the format in which information is obtained, i.e. verbal, written, electronic or other technologic formats yet to be developed, it must be treated with the same level of confidentiality

• Accessing any information other than what is required to do your job is a violation of the Partners Confidentiality Policy, even if you don’t tell anyone else.

• Accessing data must not occur simply to satisfy a curiosity. It is unacceptable to look up data, e.g. a friend’s birthday, address or phone number. Information is only viewed when required for one’s job.

Regarding Reproducing Patient Information (E.G. faxing, photocopying)

• Fax machines are the least controllable technology when one transmits patient information. It is critically important when faxing information that the sender has the correct fax number, that they know the receiving fax machine is in a secure location, and that the patient has signed a Release of Information that allows us to release their health information to another location.

• Fax cover sheets should contain the following wording:

• When receiving faxed patient information:

1. Immediately remove the fax transmission from the fax machine and deliver it to the recipient.
2. Manage patient information received via fax as confidential in accordance with policy.
3. Destroy patient information faxed in error and immediately inform the sender.

• The following types of medical information are protected by federal and/or state statute and may NOT be faxed or photocopied outside the individual organization, and/or practice without specific written patient authorization:
  
  
  • Confidential details of:
    1. Psychotherapy (from records of treatment by a psychiatrist, licensed psychologist or psychiatric clinical nurse specialist.)
    2. Other professional services of a licensed psychologist
    3. Social Work Counseling/Therapy
    4. Domestic Violence Victims’ Counseling
    5. Sexual Assault Counseling
       

• HIV test results (Patient authorization required for each release request)
• Records pertaining to Sexually Transmitted Diseases
• Alcohol and Drug Abuse Records that are protected by Federal Confidentiality Rules (42 CFR Part 2)

• Questions about faxing patient information or routine patient information requests should be sent to the Health Information Department.   Back to Top

Regarding Computer Information

• Sharing a password instead of having your own password is prohibited.
• Passwords must not be written down where others can find and/or use them.
• Employees and volunteers must not log on and let someone else use a computer under their password.
• Employees and volunteers must log off the computer system when leaving a workstation. 
  
   Back to Top