All,

This is a good example of a privacy issue that can be easily overlooked.  When fines happen, it's often because of things like this that are not necessarily thought of in terms of HIPAA.

Private information about clients -- which includes names and other identifying information -- can be shared on a need-to-know basis with staff and outside contractors to the extent they need that information to do their jobs. Confidentiality agreements and sanctions are required to be place in these instances.

If clients are included in the interview process, there would at least need to be a confidentiality pledge signed by the job candidate. We would say to go even further than than, on the side of permissions from the clients involved.

The risk is that the job candidates see or hear private information, and they go out and talk about it, or worse, post it to social media.  Without proper agreements in place, an agency would be left defenseless in the face of a HIPAA violation.

Just this past September the Arc of Erie County near Buffalo got hit with a $200,000 fine from the NY Attorney General's office.  The issue was over a coding mistake on a website -- but in an audit, the whole underlying compliance program gets scrutinized.  As you'll see from this article,  the Arc was told that it's the agency's job to prevent breaches.

That's enough bad-tasting cold water.  I don't want to give anyone indigestion on the eve of Thanksgiving!  On the other hand, I see how hard you all work, and how much you genuinely care about the people you serve.  The last thing anyone wants to have a budget gobbled up (couldn't help it!) for something senseless that could have been prevented.

With good wishes for a happy holiday to all,


Diane Evans


On Mon, Nov 19, 2018 at 11:30 AM Lisa Mathis <LMathis@opra.org> wrote:

Hello OPRA Members,

 

Question from a provider: Are any of you including the individuals you support in the interview process when hiring their staff? If so, what are the pros and cons of doing so?

Thanks!

Lisa

 

 

Lisa Mathis, Ph.D., CESP

Director of Employment and Health Services

 

Ohio Provider Resource Association

1152 Goodale Boulevard 

Columbus, Ohio  43212

Office: 614-224-6772

Cell: 479-799-2711

 

Your success in life isn't based on your ability to simply change. It is based on your ability to change faster than your competition, customers, and business.

-Mark Sanborn

 

You are receiving this important information as a Member service of the Ohio Provider Resource Association. Unless messages and/or replies are specifically directed, each posting/response is sent to the entire listserv group, a large and diverse body. The views of individual listserv users do not necessarily reflect the views of the OPRA Board or Staff. To send a message to this listserv, please use the reply button. To reply only to the original sender, please respond to the email listed after -on behalf of- in the FROM line of the message header. Thank you.


--


Diane Evans
Publisher, MyHIPAA Guide
Website: MyHIPAAGuide.com
Residential Services Website: hipaa.opra.org

Confidentiality Notice: This message, along with any attachment(s), is intended for use only by the individual or entity to which it is addressed and may contain information that is privileged, confidential, and exempt from disclosure under applicable law. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering the message to the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited. If you have received this communication in error, please contact the sender immediately and destroy the material in its entirety, whether electronic or hard copy.