"HIPAA" stands for the Health Insurance Portability and Accountability Act of 1996. Every employer, clinic, hospital and employee is required to ensure the confidentiality of a patient's health information. Individuals in organizations who have access to health information must sign confidentiality agreements.
Confidentiality agreements under HIPAA are very strict. Any disclosure of an individual’s information, no matter how it was attained or revealed, is taken seriously. Negligence and carelessness are not excuses. Employees are not to disclose any personal information, even after they no longer work for the organization. Also, unauthorized disclosure must be immediately reported to protect the individual whose records have been breached.
Employees who release any information about an individual or the past actions of any other employee or individual in the organization may be subject to disciplinary action due to the confidentiality agreements that they must sign. This disciplinary action could include reprimand, suspension or termination.
Information about an employee’s health, family, address, friends, patients, clients, co-workers or any other personal information cannot be accessed or disclosed under any circumstances. Other information that is protected includes the employee’s employment records, including benefits, pay and disciplinary actions. Similar client information is also protected under HIPAA.
Personal information should only be accessed if it is necessary to complete the duties of the position. An employee, client or individual with a relationship to the company must disclose any information to the company that could affect the relationship. Only information that affects the duties of either party is shared. Any information on a computer must be protected and accessed through passwords. Access to any information must be secured against unlawful disclosure.