0130.005.00 Confidentiality

0130.005.10.50 Staff Access to Protected Health Information and Required Confidentiality Agreement

Staff must protect the privacy of individually identifiable health information, must recognize the importance of such confidentiality provisions, and affirmatively acknowledge those guidelines.

  1. Staff Access
    • Employees shall be granted access to PHI in accordance with state and federal law and other relevant DSS/FSD operating procedures.
    • Each office shall establish a local procedure for how its workforce members are to physically access PHI in case records (i.e. how to sign records in and out and under what conditions, etc.).
  2. Training: Supervisors must inform employees of their obligations with respect to PHI in accordance with DSS/FSD policy. All employees are required to receive HIPAA training appropriate to their respective job duties. All employees must read and affirm an understanding of the DSS Administrative Manual on HIPAA.

    Training includes one or more of the following: reading and affirming an understanding of the HIPAA policy in the DSS Administrative Manual, taking the DSS HIPAA training presentation, reading the FSD policy, completing a Take 45 Training Session, receiving training during new employee orientation, and receiving ongoing training as deemed necessary by supervisory staff.

    The receipt of HIPAA training shall become a part of the employee’s personnel record.

  3. Volunteers: Volunteers who work in FSD offices must review the DSS Administrative Manual and the DSS training on HIPAA and sign an acknowledgement that they have reviewed those provisions, just as a regular employee would.