Confidentiality – HIPAA Policy

The Health Insurance Portability and Accountability Act (HIPAA) of 1996 was enacted to provide safeguards for patient privacy in an electronically based health care system. Every clinical entity has policies and procedures for protected patient health information. Marshall B. Ketchum University School of Physician Assistant Studies faculty, students, staff, and business associates function with the understanding that protection of patients’ personal health information is of utmost importance, especially when it could personally identify the individual. Didactic students complete HIPAA training shortly after matriculation. Clinical-phase students repeat training and are certified as HIPAA compliant shortly before rotations begin and are individually responsible for familiarizing themselves with the privacy and security policies, procedures, and officers at each of their preceptorship sites. Preceptors are encouraged to provide students with site-specific training at the start of each rotation that includes the contact information for the site’s security and privacy officer(s). However, if the information is not provided during the on-site orientation, it is the student’s responsibility to specifically request the name(s) and contact information for the site’s security and privacy officer(s), as well as review all the site’s policies regarding protected patient health information. There are multiple areas of training that require students to be aware of the HIPAA requirements (See Appendix C). Although all PA students complete mandatory HIPAA training through the University, some students will also complete additional training at clinical sites, as required. Students also receive instruction in appropriate social-media practices, academic integrity, and professional behavior. A student who has not completed the above-required training will not be permitted to participate in clinical rotations.