Privacy and Confidentiality Rules

Share This Page

  • Do not discuss personal health information (PHI) with the patient or any other interested party unless it is part of your role as a health care provider
  • Do not discuss personal health information regarding patients, patient’s visitors, medical staff or hospital staff:
    • in areas where the general public may overhear the discussion,
    • in public areas such as corridors, elevators, cafeterias, at home,
    • conversations over the telephone
  • Do not access patient personal health information (PHI) except in the course of performing your role as a health care provider for the patient. Apply the "Need to Know" Rule.
  • Do not look up information on your friends, family or co-workers. ie, address, d.o.b., etc.
  • Never share your computer password: You are responsible for every entry done under your user ID and password, the person using your password may commit a breach of confidentiality and you are accountable.
  • If you are in doubt about the personal health information (PHI) you are going to release, obtain expressed consent from the patient.
  • Never disclose personal health information (PHI) to anyone outside the "circle of care" without the express or implied consent from the patient.
  • When giving personal health information (PHI) over the phone to an authorized person, ensure that you verify identify of the person. ie – (use the caller ID feature or call back)
  • Sign off your computer when stepping away from your workstation.
  • Do not remove, copy or transmit personal health information (PHI) other than through those procedures outlined in Niagara Health Privacy & Confidentiality Policies – Internal/External Transmission of Health Information by Facsimile (FAX), and Consent to the Collection, Use and Disclosure of Personal Health Information.
  • Always include a cover page with your name, telephone number, date and number of pages sent. Carefully enter the fax number to ensure you do not misdirect the message and breach privacy.
  • Never store personal health information (PHI) on a laptop, PDA or desktop. All personal health information (PHI) must be stored on the network.
  • Avoid sending personal health information (PHI) on the internet email system. Use internal email system.
  • Follow "clean desk" practices especially in unattended workspaces. Dispose of any personal health information (PHI) that is not a part of the chart. (ie. patient list) into designated shredder boxes, or a secure location.
  • Wear your ID badge all the times. Verify unknown persons by checking their badges including picture.
  • Secure entry to restricted areas and sign-in and escort visitors in the restricted areas.
  • Review and adhere to Niagara Health Privacy & Confidentiality Policies and Procedures.

« Go Back

Niagara Health System