Â鶹ӰÊÓ

The purpose of this policy is to describe patients’ rights to request an accounting of disclosures of their protected health information. One of the rights granted to patients under the Health Insurance Portability and Accountability Act of 1996 (HIPAA) is the right of the patient to request and receive an accounting of the disclosures of the patient’s PHI. The patient’s right to request and receive an Accounting of Disclosures is described within the Notice of Privacy Practices. This policy...

The purpose of this Policy is to set forth the University’s process for the use and disclosure of PHI pursuant to a written authorization. This policy describes the uses and disclosures of protected health information (PHI) that require written authorization prior to use or disclosure. This policy establishes guidelines for obtaining and properly documenting an individual’s authorization for any use and/or disclosure of PHI that requires prior authorization. This policy also identifies the...

Â鶹ӰÊÓ utilizes a variety of IT equipment to support patient care and communicate with healthcare information systems including desktop computers, servers, laptops, and biomedical devices. Biomedical devices typically measure physiological characteristics of patients and in some cases may not use or look like a traditional computer, yet they may store electronic protected healthcare information (ePHI). Policy addresses security of devices/equipment while in use by Pacific workforce...

The HIPAA rules generally require that covered entities enter into contracts with their business associates to ensure that each party will appropriately safeguard protected health information. The business associate contract also serves to clarify and limit, as appropriate, the permissible uses and disclosures of protected health information by the business associate, based on the relationship between the parties and the activities or services being performed by the business associate. A...

The purpose of this policy is to describe the policy and procedure for requesting and approving access for authorizing short-term access to patient care areas or to view patient care. Â鶹ӰÊÓ has established a comprehensive HIPAA privacy and security program to prevent unauthorized access to protected health information (PHI). This policy sets forth Pacific's approach for any person, invited or otherwise authorized to enter Â鶹ӰÊÓ patient-care areas or to view patient care...

Â鶹ӰÊÓ has adopted this Data Integrity Policy and Procedure to ensure the confidentiality, integrity, and availability of all Protected Data we create, receive, maintain, or transmit as required by federal or state regulatory requirements, including but not limited to FERPA, GLBA, HIPAA, PCI, and other regional or local applicable laws and requirements. The policy establishes a standard to instruct and guide workforce members in the appropriate access, use, storage, and transmission...

The purpose of this Policy is to set forth Â鶹ӰÊÓ’s process for determining what patient information can be used and disclosed if information that can identify a person has been removed. Â鶹ӰÊÓ has a duty to protect the confidentiality and integrity of protected health information (PHI) as required by law, professional ethics, and accreditation requirements therefore this policy outlines the standards that workforce members at Pacific will follow when de-identifying PHI...

In support of the physical security safeguards described in NIST standards, Â鶹ӰÊÓ will implement policies and procedures to prevent unauthorized access to facilities and document the repairs and modifications to the physical components of a facility related to Protected Data security (for example, hardware, walls, doors and locks). This includes access to defined spaces as well as maintenance performed on equipment. PUNID required to review policy.

The purpose of this policy is to provide practical steps that workforce members can take to achieve the general limitations on the use and disclosure of protected health information (PHI) as required by the Health Insurance Portability and Accountability Act, HIPAA. The following guidelines are in accordance with the final Security Rule and consistent with the HIPAA privacy requirement to safeguard protected health information (PHI). See 45 CFR § 164.530(c). Use of these guidelines will improve...

To provide ethical guidance to healthcare clinic workforce members as it relates to relationships with individuals and entities that supply goods and services to our clinics. To set forth the required standards of conduct for all employees regarding the acceptance of gifts, educational or travel subsidies, entertainment, meals, and any other form of remuneration from suppliers and business partners that refer or are in a position to refer health care business or those that provide products or...

Â鶹ӰÊÓ Healthcare Clinic workforce members are committed to quality, honesty and integrity in our handling of billing and coding activities within the healthcare clinics. We are committed to operate within the laws, rules, regulations, and policies set by the federal and state governments, insurance programs and Medicare/Medicaid carriers, fiscal intermediaries, and others. There will be both internal and external (i.e. by a contracted independent consultant, or other professional...

Â鶹ӰÊÓ Healthcare Clinic workforce members are committed to quality, honesty and integrity in our handling of billing and coding activities within the healthcare clinics. We are committed to operate within the laws, rules, regulations, and policies set by the federal and state governments, insurance programs and Medicare/Medicaid carriers, fiscal intermediaries, and others. Each clinic will be responsible to inform patients and workforce members of their rights with regard to the...

Â鶹ӰÊÓ Healthcare Clinic workforce members are committed to quality, honesty and integrity in our handling of billing and coding activities within the healthcare clinics. We are committed to operate within the laws, rules, regulations, and policies set by the federal and state governments, insurance programs and Medicare/Medicaid carriers, fiscal intermediaries, and others. The University requires full compliance with all relevant health care billing and coding regulations. All...

Â鶹ӰÊÓ Healthcare Clinic workforce members are committed to quality, honesty and integrity in our handling of billing and coding activities within the healthcare clinics. We are committed to operate within the laws, rules, regulations, and policies set by the federal and state governments, insurance programs and Medicare/Medicaid carriers, fiscal intermediaries, and others. All clinical billing and coding will be done in compliance with all applicable state and federal laws and...

The Code of Conduct provides guidance for professional conduct. The success and reputation of the university in fulfilling its mission depends on the ethical behavior, honesty, integrity and good judgment of each member of the community. The Code of Conduct outlines principles, policies and some of the laws that govern the activities of the University and to which our employees who represent the University must adhere. Those acting on behalf of Â鶹ӰÊÓ Healthcare Clinic Operations...

The purpose of this policy is to establish a standard for training for all new and existing members of the Â鶹ӰÊÓ Healthcare Clinic workforce. This policy will cover initial, as well as periodic re-training standards. All workforce members of Â鶹ӰÊÓ receive training on current Federal, State and other applicable healthcare regulations. The scope of this policy is all workforce members of Â鶹ӰÊÓ’s Healthcare Clinics. Â鶹ӰÊÓ is a hybrid entity. Only...

The purpose of this policy is to set forth Â鶹ӰÊÓ’s process for addressing potential breaches of unsecured protected health information from incident discovery to investigation / risk assessment and potential notification. Â鶹ӰÊÓ has established a comprehensive HIPAA privacy and security program to prevent unauthorized access to protected health information (PHI). This policy sets forth Pacific's approach to investigating and responding to incidents that may involve...

The purpose of this Policy is to set forth Â鶹ӰÊÓ’s process for applying sanctions for violations of Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security policies. Â鶹ӰÊÓ has established a comprehensive HIPAA privacy and security program to prevent unauthorized access to protected health information (PHI). This policy sets forth Pacific's approach to applying consistent sanctions upon completion of investigations. This policy applies to the...

Information security related incidents impact Â鶹ӰÊÓ's (Pacific) security goals and may also harm its ability to conduct business. These incidents may be malicious in nature or accidental. Pacific has selected and implemented a set of safeguards, which are based on the result of risk assessments and information security standards. In the event of a security related incident, this policy addresses the methods for identifying, responding to and, when possible, preventing security...

This policy sets forth Pacific's approach to applying sanctions upon completion of investigations regarding misuse of Protected Data. Attempting to obtain or use, actually obtaining or using, or assisting others to obtain or use Protected Data, when unauthorized or improper, will result in counseling and/or disciplinary action up to and including termination. Â鶹ӰÊÓ has adopted this Information Security Sanctions Policy to ensure the confidentiality, integrity, and availability of...