Sometimes, when SHARE members violate a hospital policy, they don't even think they've done so. While working to take care of themselves and their family, they might access protected information. SHARE members might not realize that their computer activity can be revealed in a routine system audit, and that unauthorized access can result in serious disciplinary action.
Most employees know that HIPAA guidelines permit an employee to access a patient's record only in one of two situations:
- For job-related reasons. Or,
- If the employee submits a completed Employee Authorization for Electronic Access Form, which is filed with the Medical Records department.
For example, even if you want to find out the results of your very own lab work, you must be authorized to do so through the Medical Records department, or contact your physician directly.
For more information, visit The US Department of Health and Human Services' "Understanding HIPAA" webpage
Or, please feel free to call the SHARE office (508) 929-4020, or the UMass Memorial Privacy Office: (508) 334-5551