12.10 APPENDIX J—EXAMPLES OF CONFIDENTIALITY AGREEMENTS
Please note, some of the examples in the Appendices may be outdated and may have changed. Those changes may not be reflected in this document.
Example #1: Courtesy of Howard Brown Health Center
It is the goal of Howard Brown Health Center (HBHC) to provide our clients (anyone seeking care or services with or through HBHC) with professional, competent, and quality care and education in a respectful, affirming atmosphere. As an employee, consultant, auditor, or volunteer of HBHC, you have a responsibility to maintain a sense of concern and professionalism while performing your duties. In the execution of this duty, you must be sensitive to the comfort, sensitivities, and confidentiality of the client.
The comfort and confidentiality of our clients is of primary concern to HBHC. The professionalism of our staff is necessary to maintain the comfort and trust we have built through the years. Courts and health care professionals maintain that upholding patient confidentiality is an absolute necessity. Federal courts guarantee absolute privacy regarding all STD medical records. Furthermore, sexual health histories may not be subpoenaed by any court. Breaches of confidentiality regarding the aforementioned data may be punished by dismissal. As an employee, consultant, auditor, or volunteer of the HBHC, it is imperative that you follow all federal, state, and local confidentiality laws.
In addition to the legal confidentiality laws, as an employee, consultant, auditor, or volunteer of HBHC, you must also abide by the following:
- Some of us, in the context of our duties, advise, within the clinical setting, appropriate and inappropriate behavior as it pertains to physical and/or mental wellness. In the context of this document, clinical setting includes all areas and/or physical space in which you perform your assigned duties.
- We do not, and cannot, be “moral custodians”, nor do we have policing rights.
- Do not discuss clients or client data with unauthorized persons.
- Discuss clients or client data only to conduct legitimate business, and such discussions should take place only in a manner(s) and location(s) which affords absolute privacy.
- Do not discuss clients or patients outside of HBHC for any reason.
- Make no reference to a client visit to HBHC should you meet a client elsewhere.
- Preserve the confidentiality of friends who are HBHC clients as you would any HBHC client.
- Never acknowledge the presence or absence of clients to any caller.
- Respect for clients is mandatory as a representative of HBHC.
- Client confidentiality is respected and maintained by all staff and other members of the Howard Brown Health Center’s workforce after concluding their working relationship with Howard Brown Health Center.
BREACH(ES) OF CONFIDENTIALITY WILL NOT BE TOLERATED AND ARE GROUNDS FOR IMMEDIATE DISSMISSAL.
We guarantee our clients absolute confidentiality of their records. Any client requesting a copy of their records must follow the HBHC Policy of Chart Access. No person shall be permitted to view client medical, mental health, or case management records, unless written documentation of permission by the client involved is provided.
Your signature below confirms that you have read, understand, and accept to follow the Howard Brown Health Center’s Pledge of Confidentiality.
Signature: ___________________________________________
Name: ______________________________________________
Date: ________________
Example #2: Employee Confidentiality Statement, Courtesy of State of Tennessee Department of Health
Computer Access Security Agreement
I hereby acknowledge receipt of my computer access code(s) and my use of them demonstrates my agreement to the following guidelines:
- I shall maintain confidentially of all computer information and resources to which I have access or control.
- I shall take appropriate measures to safeguard and protect the information and computer resources of the State that are available to me.
- I shall use the information and computer resources only for authorized State business and not disclose any information or documentation obtained from, or pertaining to, the State’s computer system(s) to any third party, except in the routine lawful conduct of the State’s business.
- I shall be accountable for and accept full responsibility for all transactions performed using my computer access codes.
- I shall maintain all computer access codes in the strictest of confidence, immediately change them if I suspect that their secrecy has been compromised, and report suspected misuse to the respective Security Administrator.
I have read and agree to comply with the guidelines set forth above.
I understand that willful violation of, or disregard for, any of these guidelines may result in disciplinary action up to and including termination of my employment, termination of my business relationship with the State of Tennessee, and possible prosecution under the provisions of the Computer Crimes Act as cited at TCA 39-14-601 et seq.
Type or Print Name Social Security Number
Signature Date
Due to be returned to Sec. Admin. User ID
Example #3: Courtesy of San Francisco Department of Health
CONFIDENTIALITY AGREEMENT FOR USE OF DPH RECORDS AND INFORMATION SYSTEMS
Individuals with access to the records and information systems (internet, email, telephone, pager, fax machines, etc.) of the San Francisco Department of Public Health have a legal and an ethical responsibility to protect the confidentiality of medical, financial, and personnel information, and to use that information and those systems only in the performance of their jobs. The following rules apply to information that you receive or send from any source, including computer, paper, telephone, and facsimile.
Confidential information may not be accessed, discussed, or divulged in any form except as required in the performance of your duties. Sharing confidential medical information is allowed within DPH among medical professionals in order to provide medical care to a patient.
You may not use any DPH information system for any type of personal use. Use the following test: “Is my use of this information system enabling me to provide better service, or to perform my duties more effectively or less expensively?” If the answer is no, then your use of the information or system is unnecessary and/or inappropriate.
Be aware that most DPH information systems maintain records of what is viewed and/or sent by whom. You may be asked to justify why you viewed or released specific information.
You may be given a user ID and a password to enable you to view computerized information. Under no circumstances may you disclose your user ID or password other than to your supervisor or to IS staff. If you suspect someone else has knowledge of your password, you must immediately notify your supervisor and the divisional IS Manager.
The hardware, software, and data used in the DPH information systems are the property of DPH. All software installed on a DPH computer must be authorized in writing by IS and must be licensed to allow installation on a DPH computer. DPH has the right to review and remove personal or unlicensed software and data on any DPH computer.
If you, inadvertently or intentionally, misuse or improperly disclose your user ID or password, misuse or improperly disclose confidential information, use DPH information systems for personal reasons, or install personal or unlicensed software or data on a DPH computer, you may lose access to the computer system, be subject to disciplinary action up to and including termination, be reported to the appropriate licensing board, and/or be subject to civil or criminal liability.
******************************************************************************
I understand that I have no privacy right in the information in my DPH computer or the information that I access or send via my computer or other DPH equipment. I acknowledge that my use of DPH information systems and equipment may be monitored.
PRINT NAME DIVISION
SIGNATURE SSN