POLICIES

HIPAA Policy

 

In accordance with the Health Insurance Portability and Accountability Act (HIPAA):

 

1.  United EMS, its employees and agents shall hold in strict confidence all data and information obtained with respect to Facility’s operations and business, and shall not use or disclose such data without the prior written consent of the Facility. This restriction shall not apply to any information that is required to be released by law or to information that is already in the public domain.

 

2.  Facility, its employees and agents shall hold in strict confidence all data and information obtained with respect to United and United’s operations and business, and shall not use or disclose such data without the prior written consent of United.  This restriction shall not apply to any information that is required to be released by law or to information that is generally available to the public.

 

3.  United EMS agrees to maintain the confidentiality of all patient information (“protected health information”) in compliance with all applicable laws, including but not limited to the federal Health Insurance Portability and Accountability Act (HIPAA) and the regulations applicable to business associates, and to use disclose protected health information only to the extent necessary to accomplish the duties set forth in this Agreement or as required by law.

 

4.  United EMS shall utilize appropriate safeguards to prevent the use of disclosure of protected health information except as provided in this Agreement and ensure that its Physicians, employees and agents agree to the same restrictions as are applicable to United.  United shall report to Facility any unauthorized use or disclosure within 3 working days of notice to United.

 

5.  United EMS shall make available protected health information in accordance with 45 Code of Federal Regulations Sections 164.524 and 164.526.  United shall also make available information required to provide an accounting of disclosure in accordance with Section 164.528, as well as its internal practices, books and records relating to its use and disclosure of protected health information received from, or created or received by United on behalf of Facility to the Secretary of the U.S. Department of Health and Human Services or his / her designee for purposes of determining Facility compliance with HIPAA.

 

6.  On termination of transportation agreements, if feasible, United EMS shall return or destroy all protected health information received from, or created or received by United on behalf of, Facility that is maintained by United in any form.  If return or destruction is not feasible, United shall extend the confidentiality obligations of this Agreement to that protected health information and limit further uses or disclosures to the purposes that make the return or destruction infeasible