Cleveland Department of Public Health Office of HIV/AIDS Services 75 Erieview Place Cleveland, OH 44114



Similar documents
By the end of this course you will demonstrate:

Developed by: California Department of Public Health (CDPH) Sexually Transmitted Diseases (STD) Control Branch. In collaboration with:

State of Louisiana Department of Health & Hospitals Office of Public Health

These Terms and Conditions specifically apply to the following functionalities:

National Cyber Security Month 2015: Daily Security Awareness Tips

Preface. TTY: (888) or Hepatitis C Counseling and Testing, contact: 800-CDC-INFO ( )

HIPAA PRIVACY OVERVIEW

Protocol-Based Counseling Quality Assurance Standards

We use cookies and other technologies to keep track of how you interact with our website.

HIPAA Security. 2 Security Standards: Administrative Safeguards. Security Topics

Hang Seng HSBCnet Security. May 2016

Online Banking Customer Awareness and Education Program

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

MIT s Information Security Program for Protecting Personal Information Requiring Notification. (Revision date: 2/26/10)

tell you about products and services and provide information to our third party marketing partners, subject to this policy;

HIPAA Compliance Annual Mandatory Education

WASHINGTON STATE EMPLOYEES CREDIT UNION ONLINE BANKING AGREEMENT

HIPAA: Bigger and More Annoying

ASCINSURE SPECIALTY RISK PRIVACY/SECURITY PLAN July 15, 2010

Privacy Statement. Privacy Practices and Feedback

POPULATION HEALTH DIVISION Transforming Public Health in San Francisco

2014 Core Training 1

Document Standards and Guidelines for Occupational Therapists. Managing Client Care Records

Incident reporting policy National Chlamydia Screening Programme

HIPAA 100 Training Manual Table of Contents. V. A Word About Business Associate Agreements 10

Security First Bank Consumer Online Banking Information Sheet, Access Agreement and Disclosures

Privacy Policy Version 1.0, 1 st of May 2016

DC Comprehensive HIV Prevention Plan for : Goals and Objectives

Donna S. Sheperis, PhD, LPC, NCC, CCMHC, ACS Sue Sadik, PhD, LPC, NCC, BC-HSP Carl Sheperis, PhD, LPC, NCC, MAC, ACS

COMMUNICABLE DISEASE

Expedited Partner Therapy (EPT) for Sexually Transmitted Diseases Protocol for Health Care Providers in Oregon

LOUISA MUSCATINE COMMUNITY SCHOOLS POLICY REGARDING APPROPRIATE USE OF COMPUTERS, COMPUTER NETWORK SYSTEMS, AND THE INTERNET

Sierra College ADMINISTRATIVE PROCEDURE No. AP 3721

HIPAA SECURITY RISK ASSESSMENT SMALL PHYSICIAN PRACTICE

A common sense guide to the Data Protection Act 1998 for volunteers

Documentation that a completed screening occurred within 3 working days of initial contact is present in the client s record.

BERKELEY COLLEGE DATA SECURITY POLICY

Passport to Partner Services. Frequently Asked Questions (FAQs)

Legal Issues for People with HIV

Integrity Bank Plus Online Banking Agreement and Disclosure

Website Privacy Policy Statement

PLUS MAY EQUAL. Flu-Like Symptoms SORE THROAT, SWOLLEN GLANDS, FEVER, JOINT AND MUSCLE ACHES

Volunteer Application Instructions Non-Licensed HIV/STI Test Counselor Recruitment open until May 30, 2012 at 5:00 pm

CITIZENS DEPOSIT BANK ONLINE BANKING AGREEMENT AND DISCLOSURE

SAMPLE TEMPLATE. Massachusetts Written Information Security Plan

HIPAA Privacy and Security

HIPAA Privacy & Security Training for Clinicians

File: IJNDC-1 WEBSITE PRIVACY POLICY

Appalachian Regional Commission Evaluation Report. Table of Contents. Results of Evaluation Areas for Improvement... 2

If you contact us orally, we may require that you send us your complaint or question in writing within 10 business days.

BUSINESS ONLINE BANKING AGREEMENT

STATEMENT OF PURPOSE:

Reducing Threats

Effective Integration of STI & HIV Prevention Programs

Appendix 4-2: Sample HIPAA Security Risk Assessment For a Small Physician Practice

WASHINGTON STATE EMPLOYEES CREDIT UNION ONLINE BANKING AGREEMENT BUSINESS ACCOUNTS

Clinical Solutions. 2 Hour CEU

The supplier shall have appropriate policies and procedures in place to ensure compliance with

CHIS, Inc. Privacy General Guidelines

North Carolina Nursing Law January 9, 2014 Phyllis M. Rocco, RN, BSN, MPH SLIDE 1 TITLE SLIDE 2

Business Internet Banking Agreement Effective November 12, 2012

Heather L. Hughes, J.D. HIPAA Privacy Officer U.S. Legal Support, Inc.

Emerging Issues in Sexually Transmitted Diseases Update on Sexual Health in Men Who Have Sex with Men (MSM)

APPROPRIATE USE OF INFORMATION TECHNOLOGY SYSTEMS INFRASTRUCTURE RESOURCES

Web Time Entry. Instructions for Employees

CARING HOSPICE SERVICES NOTICE OF PRIVACY PRACTICES

Ability to view, download, or print a "Continuity of Care Document" or "Health Summary".

Statement of Policy. Reason for Policy

ELECTRONIC DELIVERY OF BANK STATEMENTS/NOTICES CONSENT AND AGREEMENT

PINAL COUNTY POLICY AND PROCEDURE 2.50 ELECTRONIC MAIL AND SCHEDULING SYSTEM

STUDENT RECORD POLICY, PROCEDURES AND DEFINITIONS

NORTHEAST COMMUNITY SCHOOL DISTRICT CONSENT TO STUDENT USE OF THE DISTRICT S COMPUTERS, COMPUTER NETWORK SYSTEMS, AND INTERNET ACCESS

Patient Information Sheet

SBA Cybersecurity for Small Businesses. 1.1 Introduction. 1.2 Course Objectives. 1.3 Course Topics

Responsible Access and Use of Information Technology Resources and Services Policy

The Epidemiology of Internet Sex Partnering and Intervention Use, California

Acceptable Use of ICT Policy For Staff

Prior checking opinion on the European Surveillance System ("TESSy") notified by the European Centre for Disease Prevention and Control ("ECDC

Privacy & Security Standards to Protect Patient Information

Dilley State Bank RETAIL (Personal) ONLINE BANKING AGREEMENT - GENERAL TERMS AND CONDITIONS

Nursing Home Facility Implementation Overview

April Todd-Malmlov, Executive Director. Michael Turpin, General Counsel. DATE: September 19, Broker Roster Incident Response Details

ACCESS TO ACCOUNTS VIA THE INTERNET.

COMCAST.COM - PRIVACY STATEMENT

APPLETREE PEDIATRICS, PA NOTICE OF PRIVACY PRACTICES

ONLINE BANKING AGREEMENT AND DISCLOSURE

User Guide for CDC s SAMS Partner Portal. Document Version 1.0

Executive Vice President of Finance and

Zion Temple Christian Academy 3771 Reading Road Cincinnati, Ohio 45229

HIPAA Compliance for Students

NETWORK AND INTERNET SECURITY POLICY STATEMENT

Page 1. Copyright MFA - Moody, Famiglietti & Andronico, LLP. All Rights Reserved.

ONLINE BANKING SECURITY TIPS FOR OUR BUSINESS CLIENTS

Antivirus and Malware Prevention Policy and Procedures (Template) Employee Personal Device Use Terms and Conditions (Template)

Electronic Statement Disclosure

ONLINE PRIVACY POLICY

ChangeIt Privacy Policy - Canada

Service Schedule for CLOUD SERVICES

Internet-Based Health Promotion and Disease Control in the 8 Cities: Successes, Barriers, and Future Plans

Information Security Guide for Students

Transcription:

Cleveland Department of Public Health Office of HIV/AIDS Services 75 Erieview Place Cleveland, OH 44114 Policy and Procedures for Internet Partner Services April 2009 Introduction The Cleveland Department of Public Health s (CDPH) Office of HIV/AIDS has developed policy and procedures to implement Internet Partner Services (IPS) based upon recommendations, including those contained within the following publications: 1) The Centers for Disease Control and Prevention (CDC), Recommendations for Partner Services Programs for HIV Infection, Syphilis, Gonorrhea, and Chlamydia Infection, Morbidity and Mortality Weekly Report, November 7, 2008 (Vol. 57, No. RR-9); 2) The National Coalition of STD Directors (NCSD), Guidelines for Internet-based Partner Services, March 2008 and; 3) The Ohio Department of Health (ODH) HIV/STD/AVH Prevention Program, Guidelines for Internet Partner Services, ODH HIV/AVH Prevention Program STD Program Operations Manual, 2008. Background Historically, partner services at CDPH required that Disease Intervention Specialists (DIS) initiate communication with the sex partners (partners) of individuals infected with HIV and/or syphilis (patients). The DIS staff attempted to arrange meetings with those partners to notify them in person of their potential exposure to a specific disease and offer them referrals for voluntary testing and treatment. DIS attempted to locate the partners through a direct, face-to-face contact. For syphilis cases, patients have sometimes been able to provide DIS with telephone numbers of their partners, and DIS could contact partners via telephone to arrange a meeting. Rationale for IPS Adult dating websites and websites that facilitate anonymous sex encounters have proliferated over the past decade. Many of these websites have a feature that allows users to search for other users based on geographic proximity to facilitate sexual encounters, some of which will be anonymous. There is much evidence, both published and anecdotal, that indicates men who have sex with men (MSM), nationally and locally, are more likely than other groups to use such websites to initiate sexual contact. Cleveland Department of Public Health-Office of HIV/AIDS Services 1

Due to an increase in the number of people who are using the internet to initiate sexual contact, CDPH s DIS have experienced an increase in the number of cases, particularly among MSM patients, in which identifying information of partners is limited to an email address or an online screen name. In those situations, DIS are unable to use traditional methods to contact partners. If the only available contact information for a partner is an email address or online screen name then the most effective means of contacting those partners is through email and/or the internet. Most adult dating/anonymous sex websites have a password-protected email system that allows users to communicate with each other. Given the evolving changes in communication systems, there is a growing need for CDPH s DIS to develop the capacity to initiate communication through the internet to notify partners of their potential exposure to a specific disease to offer them referrals for voluntary testing and treatment. Employing the new technology of IPS will help ensure that partner notification is effective in its mission to reduce STD and HIV transmission. CDPH Internet Accounts It is the intention of CDPH to initially establish accounts for IPS with the following websites: - ManHunt -Adam4Adam The selection of these websites is based upon those websites willingness to participate in IPS and anecdotal reports from patients that they have used them for the purposes of establishing anonymous sexual contacts. In the future, as new dating/anonymous sex websites emerge and as CDPH expands IPS beyond the MSM community, CDPH will attempt to establish additional accounts for IPS. Legal Authority Although Federal and State law authorize notification to, and referral of, partners of persons with HIV infection and other types of STDs (e.g., 45 CFR 164.512(b)(iv) and Ohio Rev. Code 3701.243(B)(1)(a)), this policy and these procedures maintain the parameters of confidentiality to ensure that privacy is protected to the fullest extent authorized by law to ensure the effectiveness of the program and meet applicable security standards. Confidentiality and Security The standards already in place for DIS by CDPH for maintaining a patient s confidentiality and security of information must be adhered to in all forms of communication involving any individual who may have been exposed to HIV or an STD or who may be within the social network identified through DIS activities. That includes communication through the Internet. IPS is subject to the following additional policy and procedures: Confidentiality agreements must be signed by all individuals who will have access to IPS information. Screen names, email addresses, HIV status, and/or any personal information must be held to the same levels of confidentiality and security as a patient s or partner s first name and surname. Under no circumstances should a DIS disclose a user ID or password other than to his or her supervisor. DIS are advised to commit their passwords to memory to maximize the security of the passwords. If a DIS suspects someone unauthorized has access to a password, they should immediately notify your supervisor, who Cleveland Department of Public Health-Office of HIV/AIDS Services 2

should implement appropriate procedures for changing passwords, mitigating and addressing a potential breach. Printed documents, such as logs, reports, or transcripts containing screen names, email addresses, other identifying information, user names or passwords are to be stored in secure areas. All computers used in the IPS program must be equipped with up-to-date firewalls, spyware protection, malware protection, and encryption and used when conducting IPS activities. No IPS activities may be conducted using a Wi-Fi transmission. All computers used in the IPS program must be password-protected and be programmed with automatic log-off. Only the following City of Cleveland Department of Public Health personnel should have access to applicable IPS passwords: DIS; the DIS supervisor; the Project Coordinator of HIV/AIDS services; the Health Commissioner; and the Director. The Subject Field in all emails should not contain any information that would identify that a person has HIV or an STD. Email groups and list serves should not be used for IPS because patient confidentiality cannot be maintained. General Operating Procedures Specifically trained and closely supervised DIS will maintain a log for each case requiring IPS. DIS with cases requiring IPS will be required to check their voicemail and email at the beginning and end of each business day, and/or to arrange for backup coverage if needed. A monthly schedule to designate DIS assigned to perform IPS will be maintained. If a DIS uses vacation, sick, or personal time during intervals designated for IPS activity, a backup DIS or supervisor will assume all IPS responsibility. E-Mail Protocol The initial email may only be sent Monday through Thursday. IPS will not be initiated on a Friday or the day before a holiday on which the CDPH will be closed. DIS will log onto the websites using the CDPH account. DIS will confirm the existence of the email address/profile(s) username using the search feature of the website. If identifying information was given, DIS will confirm the description through information and details provided by the patient in the profile and/or pictures. DIS will send all messages with the subject field blank. If possible, DIS will include the contact s first name only. The text of the message should correspond with the website within which the DIS is working (e.g.,manhunt or Adam4Adam). The following script will be used in the text of the email: Cleveland Department of Public Health-Office of HIV/AIDS Services 3

Dear, I am from the Cleveland Department of Public Health. I am emailing you because someone you met through the Internet was recently diagnosed with a laboratoryconfirmed sexually transmitted infection (STI). Under the Cleveland Department of Public Health confidentiality policies and procedures, I cannot tell you anything about the person you had sex with, including when it was. I m emailing you because I m concerned about your health. Any interactions with me are confidential. Please call me at 216-xxx-xxxx and I can tell you more about the specific infection you may have been exposed to, and where you may voluntarily go to be tested and treated, for free, to protect your health. If I m not there when you call, I will call you back. Be sure to leave a number and time when I can reach you. I check my voicemail and email at the beginning and end of each business day. Both are private. If you want to check that this email is real, call. You can also call (ManHunt or Adam4Adam) at xxx-xxx-xxxx Thank you, DIS Name, Credentials Disease Intervention Specialist Cleveland Department of Public Health Cleveland, OH This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please notify the sender. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this email. If there is no response to the email after one week, the case should be reviewed with a supervisor to determine what further action, if any, should be taken. DIS will need to adhere to each website s policies and procedures for contacting partners. Response Guidelines Be sure to check voicemails at the beginning and end of each business day. When speaking with individuals, they can confirm their identity while maintaining anonymity by stating the profile name/website to which the first email was sent. When calling, identify yourself and your reason for calling. Determine whether the individual would like you to follow-up with him/her regarding confirmation of STD screening and treatment. If the client is willing Cleveland Department of Public Health-Office of HIV/AIDS Services 4

to give their name and number, arrange a time when you ll be calling them to follow-up. As a service, you can offer to call the individual s medical care provider to explain the situation and facilitate preventive treatment or ask if you can provide a referral to a medical provider. If referring a person for testing, explain that the test is voluntary. Email Monitoring Procedure Be sure to check e-mail at the beginning and end of each business day. If the DIS leaves the office, the back-up IPS DIS should check email and voicemails, if appropriate. Follow-up Email If the partner reads the first e-mail but doesn t respond to it, a follow-up message should be sent to the partner, provided the website permits this. Within the email the following script should be used: Dear, I noticed you read my first email but I didn t hear back from you. I would like to tell you what STI you may have been exposed to, and help you get tested and treated. I can do this in one of two ways: 1. Please call me at 216-xxx-xxxx and I can tell you more. Remember, I check my voicemail and email at the beginning and end of each business day. Both are private. 2. You can also email me and let me know that it s okay to give you more details in writing. Just put I agree in the subject line. I am concerned about your health and would like to help you voluntarily connect with free medical services. Thank you, DIS Name, Credentials Disease Intervention Specialist Cleveland Department of Public Health Cleveland, OH This email and any files transmitted with it are confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please notify the sender. This message contains confidential information and is intended only for the individual named. If you are not the named addressee you should not disseminate, distribute or copy this email. Documentation Requirements The DIS will document all IPS activity. Cleveland Department of Public Health-Office of HIV/AIDS Services 5

DIS must document all work with the date, time and description of each interaction on the IPS Log Sheet. All email documentation should be kept in a case file and secured. IPS activity must be entered and kept up-to-date in the secure STD management information system. *This document is a modified version of the Commonwealth of Massachusetts Department of Public Health s Division of STD Prevention s Policy and Practice for Internet Partner Notification, May 2006. Cleveland Department of Public Health-Office of HIV/AIDS Services 6

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information