THIS AGREEMENT entered, hereinafter referred to as the “Covered Entity” and "Submitter", hereinafter referred to as the “Signee”, sets forth the terms and conditions under which information created or received by or on behalf of this Covered Entity may be used or disclosed under state law and the Health Insurance Portability and Accountability Act of 1996 and updated through HIPAA Omnibus Rule of 2013 and will also uphold regulations enacted there under (hereafter “HIPAA”)
THEREFORE, in consideration of the premises and the covenants and agreements contained herein, the parties hereto, intending to be legally bound hereby, covenant and agree as follows:
- All parties acknowledge that meaningful employment may or will necessitate disclosure of confidential information by this Covered Entity to the Signee and use of confidential information by the Signee. Confidential information includes, but is not limited to, the Protected Health Information (PHI), any information about patients or other Signees, any computer log-on codes or passwords, any patient records or billing information, any patient lists, any financial information about this Covered Entity or its patients that is not public, any intellectual property rights of Practice, any proprietary information of Practice and any information that concerns this Covered Entity’s contractual relationships, relates to this Covered Entity’s competitive advantages, or is otherwise designated as confidential by this Covered Entity.
- Disclosure and use of confidential information includes oral communications as well as display or distribution of tangible physical documentation, in whole or in part, from any source or in any format (e.g., paper, digital, electronic, internet, social networks like Facebook™ or Instagram™ posting, magnetic or optical media, film, etc.). The parties have entered into this Agreement to induce use and disclosure of confidential information and are relying on the covenants contained herein in making any such use or disclosure. This Covered Entity, not the Signee, is the records owner under state law and the Signee has no right or ownership interest in any confidential information.
- Confidential information will not be used or disclosed by the Signee in violation of applicable law, including but not limited to HIPAA Federal and State records owner statute; this Agreement; the Practice’s Notice of Privacy Practices, as amended; or other limitations as put in place by Practice from time to time. The intent of this Agreement is to ensure that the Signee will use and access only the minimum amount of confidential information necessary to perform the Signee duties and will not disclose Confidential information outside this Covered Entity unless expressly authorized in writing to do so by this Covered Entity. All Confidential information received (or which may be received in the future) by Signee will be held and treated by him or her as confidential and will not be disclosed in any manner whatsoever, in whole or in part, except as authorized by this Covered Entity and will not be used other than in connection with the employment relationship.
- The Signee understands that he or she will be assigned a log-on code or password by Practice, which may be changed as this Covered Entity, in its sole discretion, sees fit. The Signee will not change the log-on code or password without this Covered Entity’s permission. Nor will the Signee leave confidential information unattended (e.g., so that it remains visible on computer screens after the Signee’s use). The Signee agrees that his or her log-on code or password is equivalent to a legally-binding signature and will not be disclosed to or used by anyone other than the Signee. Nor will the Signee use or even attempt to learn another person’s log-on code or password. The Signee immediately will notify this Covered Entity’s HIPAA Privacy Officer upon suspecting that his or her log-on code or password no longer is confidential. The Signee agrees that all computer systems are the exclusive property of Practice and will not be used by the Signee for any purpose unrelated to his or her employment. The Signee acknowledges that he or she has no right of privacy when using this Covered Entity’s computer systems and that his or her computer use periodically will be monitored by this Covered Entity to ensure compliance with this Agreement and applicable law.
- Immediately upon request by this Covered Entity, the Signee will return all confidential information to this Covered Entity and will not retain any copies of any confidential information, except as otherwise expressly permitted in writing signed by this Covered Entity. All confidential information, including copies thereof, will remain and be the exclusive property of this Covered Entity, unless otherwise required by applicable law. The Signee specifically agrees that he or she will not, and will not allow anyone working on their behalf or affiliated with the Signee in any way, use any or all of the confidential information for any purpose other than as expressly allowed by this Agreement. The Signee understands that violating the terms of this Agreement may, in this Covered Entity’s sole discretion, result in disciplinary action including termination of employment and/or legal action to prevent or recover damages for breach. Breach reporting is imperative.
- The parties agree that any breach of any of the covenants or agreements set forth herein by the Signee will result in irreparable injury to this Covered Entity for which money damages are inadequate; therefore, in the event of a breach or an anticipatory breach, Practice will be entitled (in addition to any other rights and remedies which it may have at law or in equity, including money damages) to have an injunction without bond issued enjoining and restraining the Signee and/or any other person involved from breaching this Agreement.
- This Agreement shall be binding upon and endure to the benefit of all parties hereto and to each of their successors, assigns, officers, agents, Signees, shareholders and directors. This Agreement commences on the date set forth above and the terms of this Agreement shall survive any termination, cancellation, expiration or other conclusion of this Agreement unless the parties otherwise expressly agree in writing.
- The parties agree that the interpretation, legal effect and enforcement of this Agreement shall be governed by the laws of the State and by execution hereof, each party agrees to the jurisdiction of the courts of the State. The parties agree that any suit arising out of or relation to this Agreement shall be brought in the county where this Covered Entity’s principal place of business is located.
IN WITNESS WHEREOF, and intending to be legally bound, the parties hereto have executed this Agreement on the date first above written, when signing below and after training on HIPAA Law with full understanding this agreement shall stand.
SIGNEE DOCUMENTATION OF HIPAA PRIVACY TRAINING
The Health Insurance Portability Act of 1996 (HIPAA) requires our privacy officer to train Signees on our health information privacy policies and procedures to the HIPAA Omnibus Standards of 2013 which also includes HI-TECH and Protected Health Information (PHI), Electronic Protected Health Information (ePHI) and Electronic Health Records (EHR). All Signees with treatment, payment or healthcare operations responsibilities, which allow access to protected health information, are trained with updates periodically as State and Federal mandates require. HIPAA also requires that we keep this documentation (that the training was completed) for six years after the training.
I, the undersigned do hereby certify that I have received, read, understood and agree to abide by this Healthcare Facilities HIPAA Policies and Operating Procedures.