2. Begin gathering necessary documents for student (refer to Record Acknowledgement Form)



Similar documents
PHI- Protected Health Information

HIPAA and Health Information Privacy and Security

HIPAA Security Alert

HIPAA Privacy & Security Rules

Clinical Instructor Handbook. The Right Choice-The Right Support

PROTECTING PATIENT PRIVACY and INFORMATION SECURITY

HIPAA Self-Study Module Patient Privacy at Unity Health Care, Inc HIPAA Hotline

Montclair State University. HIPAA Security Policy

HIPAA Privacy & Security Training for Clinicians

HIPAA Security Training Manual

The Basics of HIPAA Privacy and Security and HITECH

Peace Corps Office of the OCIO Information and Information Technology Governance and Compliance Rules of Behavior for General Users

HIPAA Compliance Annual Mandatory Education

APPROVED BY: DATE: NUMBER: PAGE: 1 of 9

HIPAA 101: Privacy and Security Basics

DEPARTMENTAL POLICY. Northwestern Memorial Hospital

31-R-11 A RESOLUTION ADOPTING THE CITY OF EVANSTON IDENTITY PROTECTION POLICY. WHEREAS, The Fair and Accurate Credit Transactions Act of 2003,

EAA Policy for Accepting and Handling Credit and Debit Card Payments ( Policy )

Central Texas College District Human Resource Management Operating Policies and Procedures Manual Policy No. 294: Computer Security Policy

Appendix A: Rules of Behavior for VA Employees

Information Technology Security Policies

HIPAA TRAINING. A training course for Shiawassee County Community Mental Health Authority Employees

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

Boston Public Schools. Guidelines for Implementation of Acceptable Use Policy for Digital Information, Communication, and. Technology Resources

MONTSERRAT COLLEGE OF ART WRITTEN INFORMATION SECURITY POLICY (WISP)

Standard: Information Security Incident Management

Information Security and Electronic Communications Acceptable Use Policy (AUP)

Information Security Policy

HIPAA Security. 4 Security Standards: Technical Safeguards. Security Topics

Responsible Access and Use of Information Technology Resources and Services Policy

The Internet and 2 Acceptable use 2 Unacceptable use 2 Downloads 3 Copyrights 3 Monitoring 3. Computer Viruses 3

Compliance HIPAA Training. Steve M. McCarty, Esq. General Counsel Sound Physicians

MCPHS IDENTITY THEFT POLICY

INFORMATION TECHNOLOGY SECURITY POLICY COUNTY OF IMPERIAL

INITIAL APPROVAL DATE INITIAL EFFECTIVE DATE

Authorized. User Agreement

ACCEPTABLE USE POLICY

Section 5 Identify Theft Red Flags and Address Discrepancy Procedures Index

Annual HIPAA Security & Information Security Competency

HIPAA Privacy and Security. Rochelle Steimel, HIPAA Privacy Official Judy Smith, Staff Development January 2012

Health Insurance Portability and Accountability Act (HIPAA) and Health Information Technology for Economic and Clinical Health Act (HITECH)

HEALTH INSURANCE PORTABILITY & ACCOUNTABILITY ACT OF 1996 HIPAA

Document Type Doc ID Status Version Page/Pages. Policy LDMS_001_ Effective of 7 Title: Corporate Information Technology Usage Policy

HIPAA and the HITECH Act Privacy and Security of Health Information in 2009

SUBJECT: SECURITY OF ELECTRONIC MEDICAL RECORDS COMPLIANCE WITH THE HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA)

Appendix H: End User Rules of Behavior

Procedure Title: TennDent HIPAA Security Awareness and Training

CHIS, Inc. Privacy General Guidelines

MEDICAL OFFICE COMPLIANCE TOOLKIT. The Complete Medical Practice Compliance Resource HIPAA HITECH OSHA CLIA

HIPAA PRIVACY AND SECURITY TRAINING P I E D M O N T COMMUNITY H EA LT H P L A N

HIPAA: Bigger and More Annoying

51 JS-R STUDENT USE OF INFORMATION TECHNOLOGY RESOURCES

U.S. Department of the Interior's Federal Information Systems Security Awareness Online Course

LEARNING MODULE: HIPAA AND COMPLIANCE. For Clinical Students and Instructors Greater Green Bay Healthcare Alliance Updated June 27, 2014

Building a Culture of Health Care Privacy Compliance

HIPAA AND COMPLIANCE

Newark City Schools Computer Network, Internet And Bring Your Own Device (BYOD) Acceptable Use Policy and Agreement

PCI Training for Retail Jamboree Staff Volunteers. Securing Cardholder Data

DATA PROTECTION IT S EVERYONE S RESPONSIBILITY. An Introductory Guide for Health Service Staff

NATIONAL HEALTHCARE SAFETY NETWORK USER RULES OF BEHAVIOR. Version /08/05

Department of Homeland Security Management Directive System MD Number: 4900 INDIVIDUAL USE AND OPERATION OF DHS INFORMATION SYSTEMS/ COMPUTERS

HIPAA SECURITY RULES FOR IT: WHAT ARE THEY?

Appropriate Use Policy Technology & Information

B. Privacy. Users have no expectation of privacy in their use of the CPS Network and Computer Resources.

HIPAA Security Education. Updated May 2016

Information Security Policy

Standards of. Conduct. Important Phone Number for Reporting Violations

BERKELEY COLLEGE DATA SECURITY POLICY

'Namgis First Nation. 1.0 Overview. 2.0 Purpose. 3.0 Scope. 4.0 Policy

Appendix 4-2: Sample HIPAA Security Risk Assessment For a Small Physician Practice

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

MARIN COUNTY OFFICE OF EDUCATION. EDUCATIONAL INTERNET ACCOUNT Acceptable Use Agreement TERMS AND CONDITIONS

DHHS Information Technology (IT) Access Control Standard

8.03 Health Insurance Portability and Accountability Act (HIPAA)

MCOLES Information and Tracking Network. Security Policy. Version 2.0

Data Management Policies. Sage ERP Online

Transcription:

Dear Colleague, This notice is to share some recent changes we ve made with our Student Onboarding Process. Effective October 1, 2014, our onboarding process is migrating from Public Safety to our Human Resources Division. As part of this transition, we have developed a process to help streamline activities related to issuing badges and computer log in ID s. We ve also updated our requirements to ensure that students have completed the following prior to beginning their clinical experience at St. Vincent Healthcare: Occupational Health Screening Background Investigation St. Vincent Healthcare Orientation Module In order to orchestrate these activities, we are now asking for AT LEAST 3 weeks notice student s planning rotations at St. Vincent Healthcare. We believe investing this additional time up front will minimize frustrations related to access and create a more efficient and user friendly process for the students. We have outlined the new student onboarding process below: Process for Onboarding Students 1. Once you have chosen the students who will be visiting St. Vincent Healthcare, please contact Angie Heaney at 237.3062. She will confirm your school has a current Affiliation Agreement with SVH. 2. Begin gathering necessary documents for student (refer to Record Acknowledgement Form) 3. Have student complete Demographic Form and The SVH Student Orientation Manual 4. Email completed Demographic Form and Record Acknowledgement Form to Angie Heaney at angela.heaney@sclhs.net 5. We will then process students access. (Please note: Rotation should be scheduled at least 3 weeks from the date paperwork is submitted). 6. Once the student is processed within our system, they will be notified they are ready to proceed. 7. Student should then contact Stefanie Tripp in Human Resources to schedule an appointment to receive their badge. (Stefanie can be reached at 237.3153) 8. Student is now ready to begin their rotation We thank you all in advance for helping us to streamline this process. If you have any questions, you may contact Angie Heaney at 237-3062 or via email at angela.heaney@sclhs.net. We look forward to working with you and your students.

Demographic Form - Student Today s Date STUDENT INFORMATION (Please Print) Last Name First Name MI Last 4 Digits of Soc Sec # e-mail address School/Organization Degree Program Expected Dates of Rotation School/Organization Contact Phone # You may return completed form to your instructor or Angie Heaney k:\onboarding\students angela.heaney@sclhs.net 8/2014

RECORDS ACKNOWLEDGEMENT FORM Student Name: School: Start Date: To promote quality and safety in the care of our patients and safety for our associates, all agencies contracting with St. Vincent Healthcare are required to document and maintain records on your site the following list of items for agency staff or students who will be working in our facility. This Records Acknowledgement Form must be returned to our office prior to the student beginning their clinical experience in our Facility. In signing this form, you assume full responsibility for these records being current and accurate. Occupational Health screening to include: o Date of MMR immunization; 2 documentations of MMR injections (If born on or before January 1, 1957 no documentation require) o Date of Tuberculosis immunization or recent PPD test result clear within last twelve months o Clean drug screen o Hepatitis B given or declined (for those providing patient care) Background investigation to include the following (documented proof verifying the absence of criminal convictions other than a minor traffic offense): o OIG (Office of Inspector General) o USA Offender Search (National Sex Offender) o Statewide Criminal Search o County Criminal Court Search all counties lived in last 7 years o Social Security Address/Alias Trace o EPLS (Excluded Parties Listing System) Orientation (required Facility training) o St. Vincent Orientation Module Required Forms (attach) o Student Attestation of completion of Orientation Module o Signed Confidentiality Agreement My signature below acknowledges that all requirements as listed above have been completed, are in compliance with the requirements of the Affiliation Agreement, and the information will remain on file in our offices. Authorized Agency Signature Print Name Date c:\k:\onboarding/students 8/2014

Confidentiality and Security Agreement Note: this form is for use with SCLHS associates and workforce members. I understand that SCL Health System (SCLHS), a SCLHS Care Site or operational unit (the Company ) for which I work, volunteer or provide services manages health information as part of its mission to treat patients. Further, I understand that the Company has a legal and ethical responsibility to safeguard the privacy of all patients and to protect the confidentiality of their patients health information. Additionally, the Company must assure the confidentiality of its human resources, payroll, fiscal, research, internal reporting, strategic planning information, or any information that contains Social Security numbers, health insurance claim numbers, passwords, PINs, encryption keys, credit card or other financial account numbers (collectively, with patient identifiable health information, Confidential Information ). In the course of my employment/assignment at the Company, I understand that I may come into the possession of this type of Confidential Information. I will access and use this information only when it is necessary to perform my job related duties in accordance with the Company s Privacy and Security Policies, which are available on the Company intranet (known as The Landing). I further understand that I must sign and comply with this Agreement in order to obtain authorization for access to Confidential Information or Company systems. General Rules 1. I will act in the best interest of the Company and in accordance with its Code of Conduct at all times during my relationship with the Company. 2. I understand that I should have no expectation of privacy when using Company information systems. The Company may log, access, review, and otherwise utilize information stored on or passing through its systems, including email, in order to manage systems and enforce security. 3. I understand that violation of this Agreement may result in disciplinary action, up to and including termination of employment, suspension, and loss of privileges, and/or termination of authorization to work within the Company, in accordance with the Company s policies. Protecting Confidential Information 4. I will not disclose or discuss any Confidential Information with others, including friends or family, who do not have a need to know it. I will not take media or documents containing Confidential Information home with me unless specifically authorized to do so as part of my job. 5. I will not publish or disclose any Confidential Information to others using personal email, or to any Internet sites, or through Internet blogs or sites such as Facebook or Twitter. I will only use such communication methods when explicitly authorized to do so in support of Company business and within the permitted uses of Confidential Information as governed by regulations such as HIPAA. 6. I will not in any way divulge, copy, release, sell, loan, alter, or destroy any Confidential Information except as properly authorized. I will only reuse or destroy media in accordance with Company Information Security Standards and Company record retention policy. 7. In the course of treating patients, I may need to orally communicate health information to or about patients. While I understand that my first priority is treating patients, I will take reasonable safeguards to protect conversations from unauthorized listeners. Such safeguards include, but are not limited to: lowering my voice or using private rooms or areas where available. 8. I will not make any unauthorized transmissions, inquiries, modifications, or purgings of Confidential Information. 9. I will not transmit Confidential Information outside the Company network unless I am specifically authorized to do so as part of my job responsibilities. If I do transmit Confidential Information outside of the Company using email or other electronic communication methods, I will ensure that the Information is encrypted according to Company Information Security Standards.

Protecting Patient Information 10. I will treat patient information, whether on paper, spoken, or in the computer, as confidential and protected. I understand that patient information is not to be discussed among co-workers except as required to do my job. I will treat patient information impersonally as part of the day s work. If I use or disclose information other than through prescribed procedures, I understand that disciplinary actions, up to, and including termination of employment may result. 11. I understand there are definite rules regarding the release of health information. Any party requesting a patient s health information should be referred to Release of Information in the Health Information Management department or to a supervisor. If I as a patient want to see my own health information, I understand there are policies governing this access, which are for my own protection. All requests to see my own health information or that of any member of my own family will be referred to the Release of Information area of HIM or to my supervisor. 12. I acknowledge and agree that I am responsible for all entries made and all access using my assigned user id and password, whether made by me or by another if I fail to log out or lock the computer when leaving my workstation. I will not share or attempt to learn another s user id or password and I will not access any applications using a user id and password other than my own. If I believe or suspect my password has been compromised, I will notify STSC and change my password immediately. 13. I acknowledge that my use of the SCLHS computer applications, including the electronic medical record, may be periodically monitored to ensure compliance with this agreement. Following Appropriate Access 14. I will only access or use systems or devices I am officially authorized to access, and will not demonstrate the operation or function of systems or devices to unauthorized individuals. 15. I will only access software systems to review patient records or Company information when I have a business need to know, as well as any necessary consent. By accessing a patient s record or Company information, I am affirmatively representing to the Company at the time of each access that I have the requisite business need to know and appropriate consent, and the Company may rely on that representation in granting such access to me. Using Portable Devices and Removable Media 16. I will not copy or store Confidential Information on removable media or portable devices such as laptops,tablets, cell phones, CDs, thumb drives, external hard drives, etc., unless specifically required to do so by my job. If I do copy or store Confidential Information on removable media, I will encrypt the information while it is on the media according to Company Information Security Standards 17. I understand that any mobile device (Smart phone, Tablet, etc.) that synchronizes company data (e.g., Company email) may contain Confidential Information and as a result, must be protected. Because of this, I understand and agree that the Company has the right to: a. Require the use of only encryption capable devices. b. Prohibit data synchronization to devices that are not encryption capable or do not support the required security controls. c. Implement encryption and apply other necessary security controls (such as an access PIN and automatic locking) on any mobile device that synchronizes company data regardless of it being a Company or personally owned device. d. Remotely "wipe" any synchronized device that: has been lost, stolen or belongs to a terminated employee or affiliated partner. e. Restrict access to any mobile application that poses a security risk to the Company network. See Mobile Security Computing Policy for more information.

Doing My Part Personal Security 18. I understand that I will be assigned a unique identifier (e.g., User ID) to track my access and use of Confidential Information and that the identifier is associated with my personal data provided as part of the initial and/or periodic credentialing and/or employment verification processes. 19. I will: a. Use only my officially assigned User-ID and password. b. Use only approved licensed software. c. Use a device with virus protection software. d. Practice safe Internet usage. e. Contact help desk if I receive any suspicious email. 20. I will not: a. Disclose passwords, PINs, or access codes. b. Use tools or techniques to break/exploit security measures. c. Open suspicious emails or emails from untrusted persons. d. Connect unauthorized systems or devices to the Company network. 21. I will practice good workstation security measures such as locking the workstation in my absence, using screen savers with activated passwords, positioning screens away from public view, and never connecting unauthorized systems or devices to the SCLHS network, e.g. USB drives. 22. I will immediately notify my manager, Enterprise Security, or the STSC help desk if: a. my password has been seen, disclosed, or otherwise compromised; b. media with Confidential Information stored on it has been lost or stolen; c. I suspect a virus infection on any system; d. I am aware of any activity that violates this agreement, privacy and security policies; or e. I am aware of any other incident that could possibly have any adverse impact on Confidential Information or Company systems. Upon Termination 23. I agree that my obligations under this Agreement will continue after termination of my employment, expiration of my contract, or my relationship ceases with the Company. 24. Upon termination, I will immediately return any documents or media containing Confidential Information to the Company. 25. I understand that I have no right to any ownership interest in any Confidential Information accessed or created by me during and in the scope of my relationship with the Company. By signing this document, I acknowledge that I have read this Agreement and I agree to comply with all the terms and conditions stated above. I have read or had explained to me, this Confidentiality and Security Agreement, and will support and uphold the confidentiality of Confidential Information including patients health information, and any other confidential or proprietary information belong to SCL Health System or my Care Site. Signature: Printed Name: Date:

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information