|
• |
All at-home staff must sign a confidentiality agreement.
|
|
• |
All at-home staff is familiar with privacy and confidentiality laws.
|
|
• |
Each person has a unique user login and password, and is responsible for maintaining confidentiality by never sharing passwords and by always locking or logging out of databases or transcription platforms when leaving the work area.
|
|
• |
Each person is accountable for all activity under their password and account. Such activity is regularly monitored.
|
|
• |
At-home staff must provide Heartland signed assurance that the computer used to process PHI is used strictly for that purpose.
|
|
• |
At-home staff must verify that their computer is in a secure location, facing away from traffic flow.
|
|
• |
At-home staff must have a working screen-saver when away from the computer and automatic logoff when the computer is not in use.
|
|
• |
Regular audits of at-home staff are conducted to assure accountability for PHI.
|
|
• |
If equipment must be repaired, all PHI is to be removed from the computer hard drive. A record is required of who made the repairs.
|
|
• |
In the case of theft of software, hardware or data from any at-home site, immediate notification must be provided to Heartland.
|
|
• |
At-home staff must have a shredder as a work tool and immediately shred any PHI as soon as the information has been utilized.
|
|
• |
Disclosure of confidential information is prohibited indefinitely – even after termination of contract – except when required to perform the normal requirements of contractual obligations.
|
|
• |
Upon termination or resignation, at-home staff must return all proprietary data.
|
|
• |
All at-home staff is expected to uphold the AHDI Code of Ethics with regard to PHI. |
