As a physician, you have an ethical duty to keep patient information confidential. Additionally, Wisconsin law and the Federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”), along with its Privacy Regulation, prohibits healthcare providers from disclosing patients’ protected healthcare information, except upon written authorization by the patient or as otherwise permitted by law. Under the HIPAA Security Regulation, hospitals and other healthcare providers are required to have the capacity to determine who is accessing their patients’ protected healthcare information; you should know that hospitals electronically monitor access. Failure to maintain patient confidentiality, accessing patient information without a need to do so for your work, or any other violation of a Medical College of Wisconsin Affiliated Hospital’s Privacy and Security Policy, may result in disciplinary action against the resident or fellow. In addition, if a violation occurs, hospitals may terminate a resident’s or fellow’s system access or take other appropriate action. Some general guidelines:
• Access patient information only if you need that information to do your work.
• Share or discuss patient information only if it is necessary to do your work.
• Never share your identification number or password with anyone.
• Follow the hospital’s or healthcare provider’s policies on confidentiality and privacy.
• Log off your computer session when you are not by your workstation.
• Ensure confidentiality when you handle protected healthcare information.
Please review the Privacy of Health Information (PDF) booklet developed by the Medical College of Wisconsin (MCW).
MCWAH requires that all trainees sign and return the Confidentiality Form (PDF).