Patient Data Confidentiality
and Remote Access Agreement
This Patient Data Confidentiality and Remote Access Agreement applies to workforce members who
are authorized to access electronic information systems, including but not limited to:
I understand that as a result of my own or my employer’s relationship (contractual or otherwise) with
the Alabama Department of Public Health involving access to or exchange of patient information, I
have a legal and/or ethical responsibility to safeguard the confidentiality and integrity of electronic
medical records, protected health information (PHI) and/or other proprietary data, including financial
information, to which I come in contact. I will access, use or disclose this confidential information
ONLY when it is necessary, appropriate and lawful to do so in the performance of my duties and in
accordance with the Department’s use and disclosure policies.
I understand that if I fail to adhere to the provisions of this confidentiality agreement or the
Department’s use and disclosure policies, I may be subject to remedial action, such as termination of
my employment or contract, formal warning, suspension and/or permanent revocation of
authorization to access electronic information systems.
Additional Terms and Conditions
1. I will access the Department’s electronic information systems and the data within ONLY
if I am authorized to do so AND I have a work-related reason based on my job or position. I
will not access these systems or the data within for personal reasons of any kind.
2. I will access PHI ONLY after having received prior authorization, or when appropriate and
lawful based on the Department’s use and disclosure policies, the Health Insurance
Portability and Accountability Act of 1996 (HIPAA), and/or other state and federal laws.
3. I will not in any way divulge, copy, release, alter or destroy any confidential information,
including PHI, except as authorized by the Department or as required by law.
4. I will avoid inappropriate disclosure of confidential information, including PHI, by
using appropriate security measures. These measures may include, but are not limited to:
locking up laptops, electronic media (such as CDs and USB flash drives) and mobile devices
containing electronic media (including smart phones, tablets and other handhelds) when not
in use, using password-protected screen savers, and positioning computer or mobile device
screens that show confidential information away from the view of unauthorized persons.
5. I understand that the Department reserves the right to log, access, review, monitor, audit
or otherwise utilize information stored on or passing through its electronic information
systems in order to manage and enforce patient data privacy and security policies.
6. When accessing electronic information systems, I will use ONLY those credentials
assigned to me, which may include a User ID and password. I will NOT:
a. share, disclose or publicly display my credentials; or
b. use tools or techniques to break, exploit or otherwise circumvent established security
