CONFIDENTIALITY AND USE AGREEMENT FOR ACCESS TO HEALTHPOINT
Phoenix Children’s Hospital (PCH) agrees to grant me access to the HealthPoint System, subject to the
conditions set forth below. In exchange for PCH’s grant of access, I agree to the following provisions:
-
I acknowledge that through HealthPoint access I may obtain confidential patient demographic, financial, clinical and
business proprietary information (“Confidential Information”), and I agree to comply with all existing and future PCH
policies and procedures concerning the security, confidentiality and privacy of Confidential Information.
-
I agree not to, in any way, divulge, copy, release, sell, or loan any Confidential Information.
-
I agree that I will not save Confidential Information to portable media devices (“thumb drives”, memory sticks,
DVDs, floppies, CDs, PDAs, and other devices) or hard copies.
-
I agree not to release my identification code (ID) and password to any other person, including any employee or
person acting on my behalf. I agree not to allow anyone else to access the HealthPoint System under my ID and
password. Furthermore, I agree not to use or release anyone else’s identification code and password.
-
I agree to notify PCH’s Information Technology Services (ITS) Department at (602) 933-HELP immediately if I
become aware or suspect that another person has access to my identification code and/or password. Furthermore,
I understand that my staff or assistants will not be able to access this system without submitting a
Confidentiality and Use Agreement with approval by the ITS Department and their own unique user identification
and logon has been assigned.
-
I agree not to allow any unauthorized person to use or access the HealthPoint System either onsite or remotely.
I agree not to allow my staff, family, friends or other persons to see the Confidential Information on my computer
screen while I am accessing the HealthPoint System. I further agree to fully log out of all PCH networked systems
before leaving my workstation.
-
I agree to follow all PCH policies and procedures concerning access, use and disclosure of patient health
information (available upon request). I agree to access Confidential Information only for those individuals
with whom I or the physician(s) for whom I work have a treatment relationship. I also agree to access only
the amount of Confidential Information necessary to perform my job functions related to that treatment relationship.
Any other access requires the express permission of PCH.
-
I agree that I will never access Confidential Information for “curiosity viewing”. I understand that this includes
viewing Confidential Information of children, other family members, friends, or co-workers, unless access is
necessary to provide services to patients with whom I or the physician(s) for whom I work have a treatment
'relationship.
-
I agree to maintain adequate security procedures for the computers on which I access PCH information systems,
including firewalls, password management practices, and appropriate and current anti-virus software approved
for use by PCH’s ITS Department. I agree that my computer will require a password for access that is a minimum
of eight characters long and be a combination of alpha-numeric characters under the guidelines of generally
accepted security practices.
-
I agree to immediately report to the PCH Office of Business Integrity any use or disclosure of protected health
information (PHI) received from PCH for purposes other than those permitted by this Agreement and any security
incident that I become aware of that affects PHI created on behalf of or received from PCH by calling the PCH
Information Technology Services (ITS) Department at (602) 933-HELP.
-
I understand that the hours of support by PCH’s ITS Department for remote access will be between the hours of 8:00 a.m.
and 5:00 p.m., Monday through Friday. Remote support is limited to password resets and application support only.
-
I understand that it is not the responsibility of the PCH ITS Department to support and/or repair my computer,
ISP connection, applications or web browsers.
-
I agree to wipe clean the hard drive prior to sale, transfer, or donation of my computer according to Department
of Defense 5220.22-M wipe pass standards. I will contact the PCH ITS Department at (602) 933-1964 and permit them
to review the hard drive for any Confidential Information.
-
I agree that my compliance with this Agreement may be subject to review and/or audit by PCH.
-
I agree to allow PCH to inspect any computer I use for remote access, including those located in my home, office
or other facility. Further it is understood that this device will be blocked from accessing the PCH network and
other systems except those permitted by HealthPoint.
-
I agree that my obligations under this Agreement will continue in the event my status with PCH is terminated or
expires, my employment ends, or in the event PCH terminates my remote access under this Agreement.
-
I agree that any breach of this Agreement will be considered a material breach of this Agreement, and that breaches
are treated as a very serious matter. I agree that, in the event I breach any provision of this Agreement, PCH
has the right to terminate my remote access, with or without notice at PCH’s discretion.
-
I agree that, in the event I breach any provision of this Agreement, I am responsible for my actions. If PCH is
required to bring an action to enforce this Agreement, I agree to pay PCH its expenses, including reasonable
attorneys’ fees and court costs.
By accepting this, I agree that I have read, understand, and will comply with this Agreement.