DONALSONVILLE HOSPITAL, INC. & SEMINOLE MANOR NURSING HOME

I,  an employee, volunteer, or other member of the Workforce or Medical Staff of  DONALSONVILLE HOSPITAL, INC. Health System, acknowledge that I have completed training on the Health System’s privacy, security, and breach notification policies and the privacy/security regulations issued under the Health Insurance Portability and Accountability Act of 1996 (also known as the HIPAA Privacy, Security and Breach Notification Rules and HITACH Act 2013).
 
 
DEFINITION – Protected health information (PHI)
Individually identifiable information (oral, written or electronic) including, but not limited to, information about a patient’s physical or mental health, the receipt of healthcare, or payment for that care; patient records; name, address, Social Security number, account number and others.  Individually identifiable health information in Donalsonville Hospital employment records is not PHI; however, it may be subject to other state and federal privacy protections.
 
 
(Initial each statement)

Question Title

* 1. I understand that all patient information, including billing and financial data (called protected health information or “PHI”), is confidential. I may not disclose any personal information obtained through records or documents viewed or obtained though the normal course of business at the Donalsonville Hospital.

Question Title

* 2. I understand that I may not disclose any patient identifiable information of any kind on any social media without the express written permission of the patient. Even if an individual is not identified by name within the information you consider to use or disclose, if there is a reasonable basis to believe that the person could still be identified from the information, then its use or disclosure could constitute a violation of the Health Insurance Portability and Accountability Act (HIPAA) and Donalsonville Hospital confidentiality policy.

Question Title

* 3. I agree to comply with all Health System Privacy and Security Policies and Procedures, including those implementing the HIPAA Privacy and Security Rules.

Question Title

* 4. I understand that if I violate patient confidentiality by using or disclosing patient information improperly, I will be subject to disciplinary action up to and including termination of my employment. I understand that I could also be subjected to fines, imprisonment, and/or civil liability for improper use or disclosure of PHI.

Question Title

* 5. I understand that if I have any questions or concerns about the Privacy or Security Rules and/or the proper use of disclosure of PHI, I should ask my supervisor, the Health System Privacy Officer, the Health System Compliance Officer, or the Health System Security Officer.

Question Title

* 6. I understand that I should not share my password and that my activities on the Health System computers are monitored.

Question Title

* 7. I understand that I should not forward, copy, download or otherwise remove or disclose PHI outside the Health System without express permission of my supervisor, unless in the line of my job duties.

Question Title

* 8. I understand that I should not post patient information on ANY internet-based websites or social media websites- including, but not limited to, Face book, Twitter, You Tube, Drop boxes, Blogs, Video etc….

Question Title

* 9. I understand I should encrypt all outgoing emails that contain protected health information.

Question Title

* 10. I understand I should not email PHI to private email addresses, and I should not save PHI to unencrypted drives, CDs or other portable devices.

Question Title

* 11. I understand I should shred or place in a shred-container all paper documents containing PHI.

Question Title

* 12. I understand that I should not take photos or videos of patients with personal camera devices, camera, cell phone or any other social media devices. This policy applies to employees and workforce staff members using social media while at work. It also applies to the use of social media when away from work, when the employee’s Donalsonville Hospital affiliation is identified, known or presumed. It does not apply to content that is non-healthcare related or is otherwise unrelated to Donalsonville Hospital.

Question Title

* 13. I understand that it is my responsibility to report any and all potential privacy or security breaches (inappropriate uses or disclosures of PHI) or patient security incidents to the HIPAA Privacy Officer or HIPAA Security Officer.

Question Title

* 14. If I am a Health System Medical Staff member, I understand and agree that I will be operating under a Joint Notice of Privacy Practices with the Health System but I should maintain separate policies and procedures if operating a private medical practice or other health care facility. I understand that once I print, download, forward, or access a document from the Health System medical record, then that document is deemed to be part of my professional office medical record, and I am responsible for keeping that document secure under my own HIPAA compliance obligations.

Question Title

* 15. I agree to be respectful and not post any material that is obscene, defamatory, profane, libelous, threatening, harassing, abusive, hateful, or embarrassing to another person when posting to Donalsonville Hospital sites.

Question Title

* 16. I agree to abide by the law and respect copyright laws. Employees may not post content or conduct any activity that fails to conform to any and all applicable state and federal laws.

Question Title

* 17. I agree not to disclose any confidential or proprietary information of or about Donalsonville Hospital, its affiliates, vendors, or suppliers, including, but not limited to business and financial information, represent that I am communicating the views of Donalsonville Hospital, or do any thing that might reasonably create the impression that I am communicating on behalf of or as a representative of Donalsonville Hospital.

Question Title

* 18. I understand that on self -hosted sites I must not say or suggest that the views and opinions I express related to Donalsonville Hospital and healthcare topics represent the official views of Donalsonville Hospital.

Question Title

* 19. Employee Name:

Question Title

* 20. Department (select one from the following):

T