HIPAA Policy

Effective date:

August 20, 2024

Protecting Health Privacy

At Seniors HelpDesk, we recognize the importance of protecting the privacy and confidentiality of health information in accordance with the Health Insurance Portability and Accountability Act (HIPAA). This policy outlines our commitment to safeguarding protected health information (PHI) and the steps we take to comply with HIPAA regulations.

Purpose

The purpose of this policy is to establish the framework for ensuring that Seniors HelpDesk maintains the privacy and security of PHI. We comply with all applicable federal and state regulations regarding the use, storage, and disclosure of PHI to protect our members’ rights.

Scope

This policy applies to all employees, volunteers, partners, sponsors, contractors, and third-party vendors who may have access to PHI through their work with Seniors HelpDesk. It covers all forms of PHI, including written, electronic, and oral communications.

Definitions

  • Protected Health Information (PHI): Any individually identifiable health information, such as medical records, health status, treatments, or any other data related to a person’s healthcare that is protected under HIPAA.
  • Business Associate: Any external party working with Seniors HelpDesk that handles or processes PHI.

Use and Disclosure of PHI

Seniors HelpDesk will only use or disclose PHI under the following circumstances:

  • Treatment, Payment, and Healthcare Operations: PHI may be used for coordination of care, referrals, billing, or general healthcare administration.
  • Authorization: PHI will only be disclosed with written authorization from the individual or their legal representative unless otherwise permitted or required by law.
  • Legal Requirements: In certain cases, we may be required to disclose PHI to comply with legal obligations, such as reporting elder neglect, abuse, or fraud.

HIPAA Privacy Rule

  • Seniors HelpDesk adheres to the HIPAA Privacy Rule, ensuring that PHI remains confidential and protected at all times.
  • PHI will not be shared without explicit consent except in instances required by law, such as when cooperating with investigations related to elder neglect, abuse, or fraud.

HIPAA Security Rule

To safeguard electronic PHI (ePHI), Seniors HelpDesk implements administrative, physical, and technical safeguards, including:

  • Encryption and Secure Storage: All electronic PHI is stored in encrypted databases and systems to prevent unauthorized access.
  • Access Controls: Only authorized personnel have access to PHI. User access is limited to the minimum necessary information needed to perform their duties.
  • Training and Awareness: All employees, volunteers, and partners undergo HIPAA training to ensure they understand their responsibilities regarding PHI protection.

Employee and Third-Party Responsibilities

Employees, volunteers, partners, and third parties with access to PHI must adhere to the following guidelines:

  • Only access PHI necessary to perform job functions.
  • Report any potential or actual PHI breaches immediately to the Privacy Officer.
  • Do not disclose PHI without proper authorization or outside the scope of their duties.

Reporting a Breach of PHI

In the event of a breach of PHI, Seniors HelpDesk will:

  • Promptly notify affected individuals of the breach.
  • Report the breach to the Department of Health and Human Services (HHS) when required.
  • Investigate and take corrective action, including disciplinary measures for those responsible for the breach, up to and including termination.

Violations

Any employee, volunteer, partner, or sponsor found in violation of this policy may face disciplinary action, including termination of employment, volunteer status, or partnership. Seniors HelpDesk will report any violations of HIPAA or other applicable laws to the proper authorities as required.

Individual Rights

Seniors, families, and caregivers whose PHI is managed by Seniors HelpDesk have the right to:

  • Access their PHI upon request.
  • Request corrections to their PHI.
  • Receive an accounting of disclosures of their PHI.
  • Restrict certain uses and disclosures of PHI.

Questions or Concerns

For questions or concerns regarding HIPAA compliance or PHI management, contact our Privacy Officer at (954) 391-5676.

Seniors HelpDesk is committed to maintaining the privacy and security of our members' health information. We continually review and update our policies to ensure compliance with HIPAA regulations and to protect the confidentiality of all individuals we serve.