Community Service Payments
Donate
Community Service Payments
Donate

PRIVACY STATEMENT

Click on the links below to jump to each section:
  1. What does HIPAA stand for?
  2. What is HIPAA privacy rule?
  3. What is protected health information?
  4. Who is required to comply with HIPAA?
  5. Under what conditions must you protect any of the previously mentioned pieces of information?
  6. Are there conditions that PHI may be released?
  7. Are there limitations for release of PHI?
  8. How to secure various types of PHI you encounter on a regular basis?
  9. Why is this important to you as a volunteer?
  10. ALWAYS REMEMBER…

What does HIPAA stand for?
H – Health
I – Insurance
P – Portability
A – And Accountability
A – Act

What is HIPAA privacy rule?
Privacy requirements were implemented on April 14, 2003. Contractors and volunteers of state agencies that
receive, create, share or store protected health information are responsible for implementing and complying with
the HIPAA privacy rules. The HIPAA Privacy Rule establishes minimum safeguards to protect confidentiality of
an individual’s health information.

The HIPAA Privacy Rule protects:

  • An individual’s health information in all forms; electronic, paper, spoken, and whether past, present or future
  • The rule protects individuals, living and dead, and or groups in both the public and private sector

What is protected health information?
“Protected Health Information,” or PHI, is information that is:

  • Linked to a specific person by name, social security number (SSN), date of birth (DOB, geographic area or other individually identifiable information)
  • Related to that person’s past, present or future physical or mental care condition; the provision of health care to that person; or the payment for the provision of health care
  • Use of any PHI identifier when combined with information regarding a person’s health, is protected under HIPAA

Who is required to comply with HIPAA?

The HIPAA Privacy Rule affects covered entities that have health information about an individual.

Covered entities include the following:

  • Health care providers such as physicians, dentists, clinics, hospitals and nursing homes
  • Health care insurance plans including private health insurance as well as government programs such as Medicaid, Medicare and The Children’s Health Insurance Program (CHIP)
  • State agencies like DADS are covered entities because they provide health care services or administer health care insurance plan

Under what conditions must you protect any of the previously mentioned pieces of information?
Whenever:

  • The information relates to the person’s physical and mental health, provision of health care or payment for health care
  • The information will identify, or could be used to identify, the subject of the information
  • The information is transmitted or maintained in any form or medium

Examples: fax, computer files, paper records.

Are there conditions that PHI may be released?
PHI may be disclosed to a government agency authorized by law to receive reports of:

  • Child abuse
  • Domestic violence
  • Abuse or neglect of persons who are elderly or have a disability

For reports of domestic violence, and abuse or neglect of adults, inform the individual of the reports unless you believe informing the individual would place him or her at risk of serious harm.

Are there limitations for release of PHI?
The privacy rule requires you to limit uses, requests, and disclosures of PHI to the minimum necessary to accomplish the use or disclosure.

How to secure various types of PHI you encounter on a regular basis?
Apply reasonable safeguards when making these communications to protect the information from inappropriate use or disclosure.

PAPER: (i.e. meal delivery route sheet, letters to be delivered, surveys, etc.)

  • Only authorized personnel generate or copy confidential documents
  • Confidential documents must not be left in areas accessible by unauthorized persons. (pick-up site, cooler, auto, home, work, etc.)
  • Confidential documents must be disposed of in a confident recycling bin, shredded, or rendered unreadable (i.e. route sheet instructions must be returned to MOWO where they will be destroyed)
  • Patient medical records must not be taken home or to any non-work-related place
  • If in doubt about the confidentiality of a document, handle as if confidential

COMPUTERS: (i.e. communicating client information to MOWAM via individual email or MOWAM website email)

  • Use only password-protected devices
  • Use a unique password and do not share your password
  • Store personal computers, laptops, PDAs, in a secure location when not in use
  • Log out when leaving the above devices

TELECOMMUNICATIONS: (i.e. communicating client information to MOWO by phone or fax) Devices such as cordless phones, mobile phones, faxes, intercoms

  • When discussing information over the phone, a reasonable safeguard would be to have a conversation in a private location or if in proximity to others to lower your voice
  • When faxing protected information always use a cover sheet and a reasonable safeguard would be prior to sending the fax, notify the person to whom the fax is being transmitted and to confirm fax #

Why is this important to you as a volunteer?
You are responsible for securing PHI and keeping it private. If you don’t you may be liable!

ALWAYS REMEMBER…
All information regarding an individual’s health care is confidential. DO NOT share this information with your friends, family or neighbors. In other words, if you learned any client Protected Health Information through your volunteer assignment or other associations with Meals on Wheels and More, it is considered private.

You also must be careful about where, when, and with whom you share information required to perform your volunteer job. Share information only with persons who HAVE a legitimate need to know for treatment, payment or health care operations. Public locations such as hallways, break rooms, elevators, and parking lots, for example, are not appropriate places to share PHI.

And lastly, please sign and return all route sheets to the MOWO front desk.