Maintaining Client Confidentiality April 5, 2017

Slides:



Advertisements
Similar presentations
Protect Our Students Protect Ourselves
Advertisements

CONFIDENTIALITY / PRIVACY. Federal Laws Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….
Privacy and Information Security Training ( ) VUMC Privacy Website
And the finer details of patient privacy TCH Confidential Understanding HIPAA.
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
 Privacy Act of 1974 PII (Personally Identifiable Information)….Protection of social security numbers……….
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training
HIPAA Training. What is HIPAA? The Health Insurance Portability and Accountability Act (HIPAA) was enacted in It provides the ability to transfer.
Protecting Client Data HIPAA, HITECH and PIPA Part 1A
Critical Data Management Indiana University HR Summit April 24, 2014.
SAFEGUARDING DHS CLIENT DATA PART 2 SAFEGUARDING PHI AND HIPAA Safeguards must: Protect PHI from accidental or intentional unauthorized use/disclosure.
HEAVEN’S HANDS COMMUNITY SERVICE H.I.P.A.A. What is HIPAA? HIPAA stands for the Health Insurance Portability and Accountability Act, which was passed.
FERPA The Family Educational Rights and Privacy Act.
FERPA: Protect our Students by Protecting their Records Prepared by Rebekah D. Mathis-Stump, JD.
1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
HIPAA Privacy & Security EVMS Health Services 2004 Training.
ESCCO Data Security Training David Dixon September 2014.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.
Arkansas State Law Which Governs Sensitive Information…… Part 3B
Privacy and Information Management ICT Guidelines.
Use of U.T. Austin Property Computers: Security & Acceptable Use The University of Texas at Austin General Compliance Training Program.
University Health Care Computer Systems Fellows, Residents, & Interns.
INFORMATION SECURITY WHAT IS IT? Information Security The protection of Information Systems against unauthorized access to or modification of information,
Privacy & Confidentiality
A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.
1 Privacy Plan of Action © HIPAA Pros 2002 All rights reserved.
Interviewer Responsibilities Caseworker responsibilities and tips for conducting an effective interview.
1Copyright Jordan Lawrence. All rights reserved. U. S. Privacy and Security Laws DELVACCA INAUGURAL INHOUSE COUNSEL CONFERENCE April 1, 2009 Marty.
Government Agency’s Name April Identity Theft is when someone steals your personal information and uses it as their own, usually for some financial.
Aged and Disabled Waiver (ADW) Health Insurance Portability and Accountability Act (HIPAA) Training 2015 October 2015.
Computer Security Sample security policy Dr Alexei Vernitski.
HIPAA Training. What information is considered PHI (Protected Health Information)  Dates- Birthdays, Dates of Admission and Discharge, Date of Death.
HIPAA Privacy What Every Staff Member Needs to Know.
FAMILY EDUCATIONAL RIGHTS AND PRIVACY ACT (FERPA) What Faculty and Staff Should Know.
THE UNIVERSITY OF VERMONT F E R P A Q U I Z Veronika Carter, Acting Registrar R.J. Sweeney, Assistant Registrar.
POLICIES & PROCEDURES FOR HANDLING CONFIDENTIAL INFORMATION NOVEMBER 5 TH 2015.
Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.
Protect Our Students Protect Ourselves
Protecting PHI & PII 12/30/2017 6:45 AM
Privacy Education Session CMHA-WECB/CCHC Volunteers/Students
HIPAA Privacy & Security
And the finer details of patient privacy
Privacy & Confidentiality
Privacy of Client Data.
Dining with Diabetes IRB Training 2017.
HIPAA Basic Training for Privacy and Information Security
Identity Theft This presentation will focus on identity theft. What do you already know about identity theft? Do you know anyone who has had their identity.
The new data protection rules
FERPA for Colleges & Universities
D3 Confidentiality.
Information management and communication
HIPAA Privacy & Security
The Health Insurance Portability and Accountability Act
H2.9b Maintain Information
Good Spirit School Division
Move this to online module slides 11-56
HIPAA Do’s and Don'ts: What is Really Behind Protected Health Information (PHI) and Health Care Privacy Rules Paul Sisler, Director, Information Services;
Human Subjects Research
Handling Information Securely
Handling information 14 Standard.
TRACE INITIATIVE: Confidentiality, Data Security, and Procedures for Protocol Violation or Adverse Event.
Consent to Release or Obtain Confidential Information
Protecting Student Data
Family Educational Rights and Privacy Act of 1974
Presentation transcript:

Maintaining Client Confidentiality April 5, 2017

Training Goals Understand required practices on maintaining client confidentiality Understand required practices on maintaining case file confidentiality

Why does it matter? Maintaining client confidentiality is among the core principles of case service provision Figure 1: Puzzle board of the word trust. Adapted from Pixabay. Retrieved from https://pixabay.com/en/puzzle-trust-reliability-certainty-2515123/

Why does it matter? Safeguard client’s privacy and identity – sharing information without consent may cause harm to client and family A professional and contractual requirement Ensures trust is built between staff and client Figure 1: One figure helping another one over a wall. Adapted from Pixabay. Retrieved from https://pixabay.com/en/friends-trust-friendship-together-1015312/

What is confidential or private information? “Private Information” is defined as any information that is personal and discrete in nature and relates to IRC employees, donors, refugees or any other recipients of assistance from IRC. Medical records, Claims for refugee status Benefits information What else?  Client home address and home telephone number  Client date of birth  Government identification numbers, driving license number, social security number, alien number  Passport number and visa number  Income information  Direct financial assistance information  Medical information  Family, Cross-Reference, or US Tie information  Individual benefits and services

What information should be kept confidential? Your client’s friend has learned that your client has recently resettled in Wichita and would like to get in touch with him. What can you share? Cannot share information Figure 1: Confidential stamp. Adapted from Pixabay. Retrieved from https://pixabay.com/en/confidential-secret-private-font-264516/

What information should be kept confidential? A caseworker from a different agency states that client was enrolled in their training program. The caseworker would like to get an updated phone number for client. Cannot share information Figure 1: Confidential stamp. Adapted from Pixabay. Retrieved from https://pixabay.com/en/confidential-secret-private-font-264516/

What information should be kept confidential? A staff member at your client’s school is asking for the client’s SNAP card number, so that they may be enrolled in the Reduced/Free Lunch Program Cannot share information Figure 1: Confidential stamp. Adapted from Pixabay. Retrieved from https://pixabay.com/en/confidential-secret-private-font-264516/

What information should be kept confidential? The US tie for a client who has not yet arrived would like information on the client’s status. Can you share the information you see on the RPC Monthly Caseload report (i.e. client’s security check status)? Cannot Share Information Figure 1: Confidential stamp. Adapted from Pixabay. Retrieved from https://pixabay.com/en/confidential-secret-private-font-264516/

Confidentiality Requirements Never share/discuss clients’ sensitive data with others that are not permitted to view this information. Never discuss clients’ sensitive information in public or in an open space where others might overhear you. Please find a secure office or a secluded area to have these discussions with authorized staff members only. Always be vigilant in keeping sensitive data secure and confidential. Figure 1: Lock. Adapted from Pixabay. Retrieved from https://pixabay.com/en/cyber-security-security-lock-1915626/

IRC Policies on Confidentiality The IRC’s Client Confidentiality Policy The Client Release of Information Forms The IRC Way The IRC Client Confidentiality Policy can be found on RescueNet

The IRC Confidentiality Policy

Consent to Release Information Consent to Release Information Forms are translated in all client languages The specific “consent to release information form” needs to list the specific (names, titles, organizations) of the individuals who permitted to receive the information

The IRC Way Complaint Reporting Procedure •When an IRC worker has direct knowledge or information of a policy violation, you are required to inform his/her immediate supervisor as soon as possible. OR: •Supervisor’s Supervisor •Designated HR Representative •Most senior person in the location •The Integrity and Accountability Unit, the General Counsel or the Chief HR Officer What happens if you notice a situation where a confidentiality breach may have happened?

Who is accountable for ensuring confidentiality is maintained in your office? Figure 1: Man writing on a computer. Adapted from Pixabay. Retrieved from https://pixabay.com/en/blogging-blogger-office-business-3094201/

Case File Confidentiality File Security Figure 1: File cabinet. Adapted from Pixabay. Retrieved from https://pixabay.com/en/cabinet-data-file-icon-information-1293245/  

Case File Security – Fill in the blanks… Case files should: always be kept in a ______________ never be __________ from office never left ____________on desks Figure 1: Binders. Adapted from Pixabay. Retrieved from https://pixabay.com/en/ring-binders-aligned-organization-2654130/

Case File Security Case files should: always be kept in a secure location never be removed from office never left unattended on desks Figure 1: File Cabinet. Adapted from Pixabay. Retrieved from https://pixabay.com/en/cabinet-filing-filing-cabinet-2027625/

No references to unrelated individuals/cases File Documentation No references to unrelated individuals/cases Casefiles should not reference unrelated individuals/cases Email messages should never be included in files Casenotes for special medical cases should not include a client’s specific diagnosis Follow coding/RRS protocols for victims of trafficking and other high risk cases

File Documentation No email messages Casefiles should not reference unrelated individuals/cases Email messages should never be included in files Case notes for special medical cases should not include a client’s specific diagnosis Follow coding/RRS protocols for victims of trafficking and other high risk cases Figure 1: Email symbol. Adapted from Pixabay. Retrieved from https://pixabay.com/en/icons-symbols-letters-email-post-842848/

No specific diagnosis for special medical cases File Documentation No specific diagnosis for special medical cases Casefiles should not reference unrelated individuals/cases Email messages should never be included in files Case notes for special medical cases should not include a client’s specific diagnosis Follow coding/RRS protocols for victims of trafficking and other high risk cases Figure 1: Medical paperwork. Adapted from Pixabay. Retrieved from https://pixabay.com/en/report-helth-medical-doctor-tools-2704732/

Follow coding protocols for VOTs and other high risk cases File Documentation Follow coding protocols for VOTs and other high risk cases Casefiles should not reference unrelated individuals/cases Email messages should never be included in files Case notes for special medical cases should not include a client’s specific diagnosis Follow coding/RRS protocols for victims of trafficking and other high risk cases

File Documentation Electronic files must be treated with the same level of care as paper files Electronic files must be treated with the same level of care as paper files All electronic files and file-based databases should be stored in a secure folder on a network file server, if available Under no circumstances should such files be stored on a home PC or laptop that is removed from the office Employees should be mindful of IRC’s Network policy and follow protocols for safe computing Figure 1: Laptop. Adapted from Pixabay. Retrieved from https://pixabay.com/en/laptop-notebook-computer-black-158648/

Secure folder on a network file server File Documentation Secure folder on a network file server Electronic files must be treated with the same level of care as paper files All electronic files and file-based databases should be stored in a secure folder on a network file server, if available Under no circumstances should such files be stored on a home PC or laptop that is removed from the office Employees should be mindful of IRC’s Network policy and follow protocols for safe computing Figure 1: Lock. Adapted from Pixabay. Retrieved from https://pixabay.com/en/security-secure-locked-technology-2168233/

Never on a home PC or laptop that is removed from the office File Documentation Never on a home PC or laptop that is removed from the office Electronic files must be treated with the same level of care as paper files All electronic files and file-based databases should be stored in a secure folder on a network file server, if available Under no circumstances should such files be stored on a home PC or laptop that is removed from the office Employees should be mindful of IRC’s Network policy and follow protocols for safe computing Figure 1: Laptop with error sign. Adapted from Pixabay. Retrieved from https://pixabay.com/en/mistake-404-error-computer-website-3085712/

Follow IRC’s Network Policy & Protocols for safe computing File Documentation Follow IRC’s Network Policy & Protocols for safe computing Electronic files must be treated with the same level of care as paper files All electronic files and file-based databases should be stored in a secure folder on a network file server, if available Under no circumstances should such files be stored on a home PC or laptop that is removed from the office Employees should be mindful of IRC’s Network policy and follow protocols for safe computing

Case File Security https://pilotrescuenet.rescue.org/Utilities/Uploads/Handler/Uploader.ashx?area=composer&filename=USP+Information+Systems+Data+Security+and+Confidentiality+Guidelines.pdf&fileguid=e4fe5ea9-8763-4fe6-9143-fd233aceec16 Figure 1: Laptop with error sign. Adapted from Pixabay. Retrieved from https://pixabay.com/en/shredder-document-paper-shredder-311638/

Confidentiality Requirements Never leave your screen or open documents containing staff related sensitive data unattended, not even for a minute! Always lock your computer or log out of IRIS and ETO before walking away from your laptop or computer. Never leave printouts of sensitive data. In fact, we urge that you refrain from printing out sensitive data all together. If you must print out information, please make sure to remove any sensitive data that can connect the information to an individual. Example: reports in aggregates and not by client names. Always be vigilant in keeping sensitive data secure and confidential.

Questions? Figure 1: Question Marks. Adapted from Pixabay. Retrieved from https://pixabay.com/en/question-mark-note-duplicate-2110767/