University Policies

Page tree

Versions Compared

Old Version 21

changes.mady.by.user Alburger, Katherine A

Saved on

compared with

New Version Current

changes.mady.by.user Alburger, Katherine A

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Requirements:

    1. Sending Faxes:

      1. Confidential FAX coversheets should be developed by departments utilizing the language in the sample Confidential Fax Cover Sheet and must include the following PHI statement:
        This message is intended for the use of the person or entity to which it is addressed and may contain information that is privileged and confidential, the disclosure of which is governed by applicable law. If the reader of this message is not the intended recipient, or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this information is STRICTLY PROHIBITED. If you have received this message in error, please notify the sender immediately and arrange for the return or destruction of these documents.

      2. Employees will take reasonable steps to ensure that a fax transmission is sent to and received by the intended recipient. When the fax transmission includes PHI, "reasonable steps" include, but are not limited to, the following:
        1. Preprogrammed fax numbers must be periodically verified that they are still valid.
        2. When a fax number is entered manually (because it is not one of the pre-programmed numbers) the employee entering the number will visually check the recipient's fax number on the fax machine prior to starting the transmission.
        3. The name, business affiliation, telephone number and fax number of the intended recipient as well as the number of pages contained in the transmission will also appear on the cover sheet.
        4. Fax confirmation sheets will be checked immediately or as soon as possible after the fax has been transmitted, to confirm the material was faxed to the intended fax number. If the intended recipient notifies the sender that the fax was not received, the sender will use best efforts to determine whether the fax was inadvertently transmitted to another fax number by checking the fax confirmation sheet and/or the fax machine's internal logging system.
          1. If an employee becomes aware that a fax was sent to the wrong fax number, the employee will immediately attempt to contact the recipient by fax or telephone and request that the faxed documents, and any copies of them, be immediately returned to RowanSOM or destroyed. The employee's supervisor or the Chief Audit, Compliance & Privacy Officer will also be notified of the misdirected fax who will then perform an analysis of harm to the affected individual, as required by RowanSOM policy, Protected Health Information Breach Notification.
          2. Those recipients who regularly receive PHI via fax will be periodically reminded to notify RowanSOM of any change to the recipient's fax number.
          3. Fax confirmation sheets will be attached to and maintained with all faxed materials for six years.
          4. Faxing of Sensitive PHI (such as HIV/AIDS results or status or substance abuse and mental health treatment records) should be avoided whenever possible.
          5. When faxing PHI, employees will comply with all other RowanSOM privacy policies.
    2. Receiving Faxes:
      1. Employees who are intended recipients of faxes that contain PHI will take reasonable steps to minimize the possibility those faxes are viewed or received by someone else. These "reasonable steps" include, but are not limited to, the following:
        1. Fax machines that receive faxes that include PHI will be located in Secure Areas. If an employee receives a fax containing PHI on a fax machine that is not in a Secure Area, the recipient of the fax will promptly advise the sender that the receiving fax machine should not be used for the transmission of such information.
        2. Fax machines will be checked on a regular basis to minimize the amount of time incoming faxes that contain PHI are left on the machines. Employees who monitor the fax machines, or the employee who sees such a fax on the machine, will promptly remove incoming faxes and deliver them to the proper person.
        3. If an employee receives a fax addressed to someone other than the employee and the person to whom the fax is addressed is someone at RowanSOM, the employee will promptly notify the individual to whom the fax was addressed and deliver or make arrangements to deliver the misdirected fax as directed by the intended recipient.
        4. If an employee receives a fax addressed to someone other than the employee and the person to whom the fax is addressed is NOT affiliated with RowanSOM, the employee will promptly notify the sender, and destroy or return the faxed material as directed by the sender.
        5. Employees who routinely receive faxes containing PHI from other individuals or organizations (either internal or external sources) will promptly advise those regular senders of any changes to the employee's fax number.
        6. Faxes with PHI should be placed in a secure/confidential place when they are delivered and not left in a location that is in full view of passers-by.

...

  1. Responsibilites:
    1. Sanctions for Non-Compliance
      1. RowanSOM will apply appropriate sanctions against any member of the workforce who fails to comply with RowanSOM privacy policies and procedures. The Dean, and President, with the assistance of the Department of Human Resources, will enforce the sanctions appropriately and consistently. RowanSOM will document all sanctions that are applied.

...

    1. Retailiaion/

...

    1. Waiver
      1. RowanSOM may not intimidate, threaten, coerce, discriminate against, or take other retaliatory action against any individual for the exercise by the individual of any privacy right. RowanSOM may not require individuals to waive their privacy rights as a condition of the provision of treatment, payment, enrollment in a health plan, or eligibility for benefits.

VII. ATTACHMENTS

 Attachment 1, Confidential Fax Cover Sheet

...