ACCESS AND CONFIDENTIALITY ACKNOWLEDGEMENT: Non-Employee

“Confidential and Proprietary Information” includes information relating to:

1. Any individuals’ Protected Health Information (PHI), which is information that identifies an individual (name, social security number, account number, etc.) and is created or received by a health care provider, health plan, or healthcare clearinghouse, is transmitted or maintained in any medium (i.e. electronic, medical record, paper, oral), and relates to the past, present or future physical or mental health condition, or payment for the provision of care (including medical records, conversations, admitting information, and patient financial information);
2. Employees (including medical records, compensation, benefits, employment records, and disciplinary actions).
3. McLaren Health Care Corporation’s or subsidiary specific information (including financial and statistical records, strategic plans, internal reports, memos, contracts, peer review information, communications, proprietary computer programs and technology and source code); and
4. Proprietary third-party information (including computer programs and technology, client or vendor information and source code).

I understand and acknowledge:

1. As an individual with access to a McLaren information system, I may learn of or have access to Confidential and Proprietary Information through computer systems (including, but not limited to patient care information systems, other clinical and financial information systems, the longitudinal patient record, and the actuarial and claims systems) or through my employment.
2. Gaining access to the EMR is a privilege. Any information that I access in the EMR meets the HIPAA Regulations definition of PHI.
3. I understand it is my responsibility to use Confidential and Proprietary Information only as minimally necessary to perform my legitimate job duties, as well as safeguard and limit access to any Protected Health Information in any medium (including written, oral, or electronic formats).
4. I understand it is my responsibility to safeguard my access code and I will not share my access code or other authorization for access to Confidential and Proprietary Information.
5. I understand it is my responsibility to protect all Confidential and Proprietary Information obtained even after my employment or association has ended with the organization that has been granted access to the Confidential and Proprietary information.
6. I understand McLaren may routinely monitor and audit my access to the system, for appropriateness of use and access to such information, as it relates to my legitimate duties.
7. I understand it is my responsibility to sign off the computer when I leave the computer system.
8. I understand that I am responsible for all activity logged under my password. I understand that I must log off before another user may use the computer.
9. I understand it is my responsibility to notify my supervisor and the MHC Privacy Officer (privacy@mclaren.org) immediately if I suspect or learn of any privacy or security breach, e.g., that my access code, other authorization for access to Confidential and Proprietary Information has been misused or disclosed without proper authorization. I understand the purpose of this notification is to protect confidentiality and that my unique information systems access code(s) may be changed.
10. McLaren Health Care prohibits accessing my personal PHI in the EMR.
11. The inappropriate use or access of PHI may independently constitute a violation of applicable laws and regulations for which I may be personally held criminally and/or civilly liable. Misuse will result in loss of privileges.