THIS AGREEMENT entered,
hereinafter referred to as the “Covered Entity” and "Submitter",
hereinafter referred to as the “Signee”, sets forth the terms and conditions
under which information created or received by or on behalf of this Covered
Entity may be used or disclosed under state law and the Health Insurance
Portability and Accountability Act of 1996 and updated through HIPAA Omnibus
Rule of 2013 and will also uphold regulations enacted there under (hereafter
“HIPAA”)
THEREFORE, in consideration
of the premises and the covenants and agreements contained herein, the parties
hereto, intending to be legally bound hereby, covenant and agree as follows:
- All parties acknowledge that
meaningful employment may or will necessitate disclosure of confidential
information by this Covered Entity to the Signee and use of confidential
information by the Signee. Confidential information includes, but is not
limited to, the Protected Health Information (PHI), any information about
patients or other Signees, any computer log-on codes or passwords, any
patient records or billing information, any patient lists, any financial
information about this Covered Entity or its patients that is not public,
any intellectual property rights of Practice, any proprietary information
of Practice and any information that concerns this Covered Entity’s
contractual relationships, relates to this Covered Entity’s competitive
advantages, or is otherwise designated as confidential by this Covered
Entity.
- Disclosure and use of confidential
information includes oral communications as well as display or
distribution of tangible physical documentation, in whole or in part, from
any source or in any format (e.g., paper, digital, electronic, internet,
social networks like Facebook™ or Instagram™ posting, magnetic or optical
media, film, etc.). The parties have entered into this Agreement to induce
use and disclosure of confidential information and are relying on the
covenants contained herein in making any such use or disclosure. This Covered
Entity, not the Signee, is the records owner under state law and the
Signee has no right or ownership interest in any confidential information.
- Confidential information will not
be used or disclosed by the Signee in violation of applicable law,
including but not limited to HIPAA Federal and State records owner
statute; this Agreement; the Practice’s Notice of Privacy Practices, as
amended; or other limitations as put in place by Practice from time to
time. The intent of this Agreement is to ensure that the Signee will use
and access only the minimum amount of confidential information necessary
to perform the Signee duties and will not disclose Confidential
information outside this Covered Entity unless expressly authorized in
writing to do so by this Covered Entity. All Confidential information
received (or which may be received in the future) by Signee will be held
and treated by him or her as confidential and will not be disclosed in any
manner whatsoever, in whole or in part, except as authorized by this Covered
Entity and will not be used other than in connection with the employment
relationship.
- The Signee understands that he or
she will be assigned a log-on code or password by Practice, which may be
changed as this Covered Entity, in its sole discretion, sees fit. The
Signee will not change the log-on code or password without this Covered
Entity’s permission. Nor will the Signee leave confidential information
unattended (e.g., so that it remains visible on computer screens after the
Signee’s use). The Signee agrees that his or her log-on code or password
is equivalent to a legally-binding signature and will not be disclosed to
or used by anyone other than the Signee. Nor will the Signee use or even
attempt to learn another person’s log-on code or password. The Signee
immediately will notify this Covered Entity’s HIPAA Privacy Officer upon
suspecting that his or her log-on code or password no longer is
confidential. The Signee agrees that all computer systems are the
exclusive property of Practice and will not be used by the Signee for any
purpose unrelated to his or her employment. The Signee acknowledges that
he or she has no right of privacy when using this Covered Entity’s
computer systems and that his or her computer use periodically will be
monitored by this Covered Entity to ensure compliance with this Agreement
and applicable law.
- Immediately upon request by this Covered
Entity, the Signee will return all confidential information to this Covered
Entity and will not retain any copies of any confidential information,
except as otherwise expressly permitted in writing signed by this Covered
Entity. All confidential information, including copies thereof, will
remain and be the exclusive property of this Covered Entity, unless
otherwise required by applicable law. The Signee specifically agrees that
he or she will not, and will not allow anyone working on their behalf or
affiliated with the Signee in any way, use any or all of the confidential
information for any purpose other than as expressly allowed by this
Agreement. The Signee understands that violating the terms of this
Agreement may, in this Covered Entity’s sole discretion, result in
disciplinary action including termination of employment and/or legal
action to prevent or recover damages for breach. Breach reporting is
imperative.
- The parties agree that any breach
of any of the covenants or agreements set forth herein by the Signee will
result in irreparable injury to this Covered Entity for which money
damages are inadequate; therefore, in the event of a breach or an anticipatory
breach, Practice will be entitled (in addition to any other rights and
remedies which it may have at law or in equity, including money damages)
to have an injunction without bond issued enjoining and restraining the Signee
and/or any other person involved from breaching this Agreement.
- This Agreement shall be binding
upon and endure to the benefit of all parties hereto and to each of their
successors, assigns, officers, agents, Signees, shareholders and
directors. This Agreement commences on the date set forth above and the
terms of this Agreement shall survive any termination, cancellation,
expiration or other conclusion of this Agreement unless the parties
otherwise expressly agree in writing.
- The parties agree that the
interpretation, legal effect and enforcement of this Agreement shall be
governed by the laws of the State and by execution hereof, each party
agrees to the jurisdiction of the courts of the State. The parties agree
that any suit arising out of or relation to this Agreement shall be
brought in the county where this Covered Entity’s principal place of
business is located.
IN WITNESS WHEREOF, and
intending to be legally bound, the parties hereto have executed this Agreement
on the date first above written, when signing below and after training on HIPAA
Law with full understanding this agreement shall stand.
SIGNEE DOCUMENTATION OF
HIPAA PRIVACY TRAINING
The Health Insurance
Portability Act of 1996 (HIPAA) requires our privacy officer to train Signees
on our health information privacy policies and procedures to the HIPAA Omnibus
Standards of 2013 which also includes HI-TECH and Protected Health Information
(PHI), Electronic Protected Health Information (ePHI) and Electronic Health
Records (EHR). All Signees with treatment, payment or healthcare operations
responsibilities, which allow access to protected health information, are
trained with updates periodically as State and Federal mandates require. HIPAA
also requires that we keep this documentation (that the training was completed)
for six years after the training.
I, the undersigned do
hereby certify that I have received, read, understood and agree to abide by
this Healthcare Facilities HIPAA Policies and Operating Procedures.