WesternU Student and Employee Confidentiality Agreement

IMPORTANT:

This agreement applies to all individuals who have access to WesternU Health’s clinical computing resources, whether you are an employee or not.

Please read all sections of this Agreement. 

CONFIDENTIAL INFORMATION AGREEMENT:

  • I recognize that the services provided by WesternU Health for its patients/clients are private and confidential; that to enable WesternU Health to perform those services, patients furnish information with the understanding that it will be kept confidential and used only by authorized persons as necessary in providing these services; that the good will of WesternU Health depends upon keeping services and information confidential; that certain legal obligations attached to this information and that by reason of my duties or in the course of my employment/volunteering I may receive or have access to verbal, written, visual or electronic/automated information concerning patients and services performed by WesternU Health even though I might not furnish the services provided for those patients/clients.

  • I hereby agree that, except as a part of my job responsibilities or as directed by WesternU Health or by University Legal Counsel, I will not disclose any such services or information. Furthermore, I will not permit any person to inappropriately examine or make copies of any reports or other documents, or any information to which I have access, which concerns in any way the patients/clients of WesternU Health. I also agree that I will not access or review patient information for any reason not related to the provision of clinical care or other authorized purposes such as research, education, quality assurance, billing or utilization review.

  • I will not at any time reveal to anyone my confidential access codes to WesternU Health’s staff and clinical computing resources, and I will take all reasonable measures to prevent the disclosure of my access codes to anyone. I also understand that WesternU Health may, at any time, monitor and audit my use of the electronic/automated health record and computing systems.

  • I understand that this agreement is in effect both during and after my involvement in any activity related to the care and treatment of patients/clients of WesternU Health.

  • I have read, understand and agree with this Confidentiality Agreement. I recognize that unauthorized disclosure or access of information by me may violate state and federal laws and cause irreparable injury to WesternU Health or harm to the patient/client and may result in disciplinary and/or legal action being taken against me.

Acknowledgements:

  • It is my legal and ethical responsibility as an authorized user to preserve and protect the privacy, confidentiality and security of all confidential information relating to WesternU Health, its patients, activities and affiliates, in accordance with the applicable state and federal laws as well as University policy.

  • I will access, use, or disclose confidential information only in the performance of my training, when required or permitted by law, and disclose information only to those persons who have the legal right to receive that information. When using or disclosing confidential information, I will use or disclose only the minimum information necessary.

  • I will discuss confidential information for patient-related purposes only with my supervising faculty or other members of the patient’s healthcare team. I will not knowingly discuss any confidential information within the hearing of other persons who do not have the legal right to receive the information. I will protect confidential information that is disclosed to me in the course of my clinical rotation with WesternU Health.

  • Because special protections by law require specific authorization for release of mental health records, drug abuse records, and any and all references to HIV (such as clinical tests, laboratory or otherwise, used to identify HIV, a component of HIV, or antibodies or antigens to HIV) I will defer such authorization for release to my supervising faculty or healthcare provider.

  • In accordance with WesternU Health HIPAA/HITECH related policies, I understand that my access to all WesternU Health electronic information systems is subject to compliance review by WesternU’s Information Technology (IT) Department and the University Compliance Office that includes written reports on whom has accessed a patient’s health record(s).

  • My assigned User ID(s) constitutes my signature and I will be responsible for all entries made under my User ID(s). I agree to always log off of any workstation I was logged into.

  • It is my responsibility to follow safe computing guidelines. To this end, I agree not to share my User ID or password(s) with any other person. I am responsible for any potential breach of confidentiality resulting from access made to WesternU Health’s electronic information systems (including mobile devices) using my user ID and/or password(s). If I believe someone else has used my User ID and/or password(s), I will immediately report my suspicion to the IT department (909-469-5432) and I will immediately change my password.

  • I also understand that at no time am I to discuss any of the cases, take photographs or videos using my personal phone, or other form of electronic devices, upload any photographs, blog, or tweet about any of the cases I have seen on any form of social media, e.g., Facebook, Twitter, Snap Chat instant messaging; additionally, I will not download, screenshot, or print any documents from the electronic health record (EHR) system, or utilize any other methods to attempt to capture or reproduce any documents from the EHR system.

  • I also understand that I am responsible for immediately reporting any security breaches to my supervising faculty or healthcare provider.

  • Under state and federal laws and regulations governing a patient’s right to privacy, unlawful or unauthorized access to, or use or disclosure of, patients’ confidential information may subject me to: disciplinary action up to and including immediate dismissal from Western University of Health Sciences; civil fines for which I will be personally responsible; and, criminal sanctions.

  • In the event of a Pandemic or Public Health Emergency, it may be necessary to remotely access a patient’s health record from my personal electronic device. In this case, I will be given a different login procedure to use. All HIPAA/HITECH related policies and the information contained herein applies, including not taking photos/videos of the screen. I also understand I must immediately report to the university’s IT Department (909-469-5432) if any of the electronic devices I used to access the health record is stolen, lost, or hacked.

 

Print Article

Related Articles (1)

WesternU HIPAA Training and Certification
This purpose of this article is to explain the various scenarios in which a student and/or staff member may request access to the medical records systems and the necessary requirements they need to fulfill in order for their request to be granted.