Patient Information Policy
Privacy Official and Complaint Contact
SCOPE:
All Louisiana State University (LSU) System health care
facilities and providers including, but not limited to
hospitals, physician practices, clinics, schools, etc. on
the LSU Health Sciences Center New Orleans Academic Campus.
Nota Bene: All LSU System health care facilities and
providers including, but not limited to hospitals, physician
clinics, schools, etc. on the LSU Health Sciences Center New
Orleans Academic Campus, are referred to in this policy as
LSUHSC-NO.
PURPOSE:
To establish the requirements and guidelines for each
LSUHSC-NO component to designate a Privacy Official to
oversee and implement LSUHSC-NO’s privacy policies and
procedures, as required by the Health Insurance Portability
and Accountability Act (HIPAA), Standards of Privacy of
Individually Identifiable Health Information (“HIPAA Privacy
Regulations”).
POLICY:
Each LSU System-affiliated component must designate a
Privacy Official to oversee and implement the LSUHSC-NO
Privacy Policies and Procedures and work to ensure
LSUHSC-NO’s compliance with the requirements of the HIPAA
Privacy Regulations. The Privacy Official will also be
responsible for receiving complaints about matters of
patient privacy.
Each Privacy Officer should:
- Establish or identify a committee to assist the
Privacy Official in his/her other duties; and
- Be designated with Privacy Program oversight and
responsibility.
DEFINITIONS:
Privacy Officer – person designated by LSUHSC-NO as the
Privacy Officer. Protected Health Information (sometime referred to as “PHI”)
– for purposes of this policy means Individually
Identifiable Health Information that relates to the past,
present or future health care services provided to an
individual. Examples of Protected Health Information include
medical and billing records of a patient.
PROCEDURE:
| 1.0 |
General. LSUHSC-NO
shall designate an appropriate individual to serve
as the LSUHSC-NO’s Privacy Official. |
| 2.0 |
Responsibilities. The
Privacy Official’s responsibilities shall include,
but are not limited to:
- Privacy Policies and Procedures:
- Communication and implementation of the
privacy policies and procedures to the
facility’s workforce;
- Assistance with deployment and
implementation of the facility’s privacy
policies and procedures; and
- Development, communication and
implementation of facility-specific policies
and procedures related to patient privacy.
- Training:
- Overseeing initial and ongoing training
for all members of the facility workforce on
the policies and procedures related to
Protected Health Information as necessary and
appropriate to carry out their job-related
duties;
- Ensuring all new members of the workforce
are trained within a reasonable period of
time; and
- Documenting that training has been
provided.
- Advisory:
- Advising members of the workforce on
privacy matters.
- Complaints: Serves as the individual to:
- Receive complaints concerning patient
rights,
- Investigate any complaints, and
- Document complaints received and their
disposition.
- Sanctions:
- Ensure violations of privacy policies and
procedures are addressed as appropriate.
- Document sanctions that are applied.
- Mitigation:
- To the extent practicable, mitigate any
harmful effect that is known to LSUHSC-NO from
the use or disclosure of Protected Health
Information in violation of policies and
procedures.
|
REFERENCE:
45 C.F.R. § 164.530 |
