Healthcare providers, business associates, and subcontractors often ask their employees to sign a HIPAA employee confidentiality agreement statement. The purpose of the HIPAA employee confidentiality agreement is to ensure that an employee of a provider (or of another organization, including a business associate, or a subcontractor) will maintain the confidentiality and secrecy of protected health information, and other information that is confidential.
A HIPAA employee confidentiality agreement statement contains terms outlining the consequences of a violation. The agreement typically states that if an employee deliberately violates a provision requiring him or her to keep information confidential and not use or disclose it, the employee will face disciplinary action. The type of disciplinary action is stated in the HIPAA employee confidentiality agreement, and may include a warning, suspension, or termination of employment. The features of a HIPAA employee confidentiality agreement are discussed below.
Whether you are a healthcare provider , a business associate , a subcontractor, or an independent contractor, you may have employees who, as part of their work duties, may see, hear, or touch protected health information (PHI).
If you are a provider, or a business associate, your employees may view PHI on a regular basis. If you are performing services for a provider or a business associate that are not healthcare-related, your employees may still be exposed to PHI if or when those employees are working on the premises of a healthcare provider or business associate. To ensure your employees do not use, access, or disclose protected health information other than as required to perform their jobs, you can request that they sign a HIPAA employee confidentiality agreement with you.
A HIPAA employee confidentiality agreement is an agreement between an employer and its employee, under which the employee agrees to:
