Presentation is loading. Please wait.

Presentation is loading. Please wait.

CONFIDENTIALITY Do you know what it is?

Published byDavid Nygård Modified over 5 years ago

Similar presentations

Presentation on theme: "CONFIDENTIALITY Do you know what it is?"— Presentation transcript:

1 CONFIDENTIALITY Do you know what it is?
Do you know the proper way(s) to use it? The state of keeping or being kept secret or private.

2 Confidentiality When an employee brings you a problem, you have a running head start—at least he knows he has the problem…but what do you do when HE is the problem? And cannot see it??

3 What is Confidentiality?
Confidentiality involves a set of rules or a promise usually executed through confidentiality agreements that limits access or places restrictions on certain types of information. Confidentiality is the protection of personal information. It means keeping a client’s information between you and the client, and not telling others including co-workers, friends, family, etc. DSS Security Training offers all sorts of confidentiality training? Sensitive Information or PII? Name a few?

4 Maintaing Confidentiality
Treat others, as you want to be treated. Show respect and concern for the feelings, dignity, and rights of others. Some examples of maintaining confidentiality in a medical setting are: As a employee of DSS use caution when dealing with client records.

5 All workers need to be aware that there are State and Federal laws that cover confidentiality. Basically, information cannot be disclosed, without the consent of the person to whom the information relates or for the purpose of legal proceedings, such as a court order or subpoena that allows access to records.

6 Why is Confidentiality Important?
October 15th, 2010 | By Jules Halpern Associates | ADA, Confidential Information, Employee Handbook, Human Resources, Immigration, Investigations, Privacy Rights, Restrictive Covenants In today’s increasingly litigious and highly competitive workplace, confidentiality is important for a host of reasons: Failure to properly secure and protect confidential business information can lead to the loss of business/clients. In the wrong hands, confidential information can be misused to commit illegal activity (e.g., fraud or discrimination), which can in turn result in costly lawsuits for the employer. Many states have laws protecting the confidentiality of certain information in the workplace. The disclosure of sensitive employee and management information can lead to a loss of employee trust, confidence and loyalty. This will almost always result in a loss of productivity. The word "toxic" often refers to nasty, chemical products or by-products--those compounds you know to be poisonous, dangerous, contaminated and even lethal. We also use the word to describe people we know… Just what is a toxic employee and how do you recognize one? Are they really harmful to your agency? And if they are, what exactly can you do about them?

7 What Type of Information Must or Should Be Protected?
Confidential workplace information can generally be broken down into three categories: employee information, management information, and business information.

8 Employee Information:
Employee Information: Many states have laws which govern the confidentiality and disposal of “personal identifying information” (e.g., an employee’s Social Security number, home address or telephone number, e- mail address, Internet identification name or password, parent’s surname prior to marriage or driver’s license number). The Americans with Disabilities Act of 1990 (ADA) requires employee medical and disability information be kept confidential and limits access to those employees who have a “business need-to-know” (e.g., supervisors who need to know about restrictions on the work of an employee or other reasonable accommodations that need to be made, safety personnel handling medical emergencies, government officers investigating complaints of disability discrimination). The Health Insurance Portability and Accountability Act of 1996 (HIPAA) regulates healthcare providers’ use and disclosure of individually identifiable health information (known as Protected Health Information). The Immigration Form I-9s must also be protected from accidental disclosure. The information contained on these forms (e.g., national origin, age) should be kept confidential so as to avoid discrimination claims from employees.

9 Management Information:
Confidential management information includes discussions about employee relations issues, disciplinary actions, impending layoffs/reductions-in-force, terminations, workplace investigations of employee misconduct, etc. While disclosure of this information isn’t necessarily “illegal,” it is almost always counterproductive and can seriously damage the collective “psyche” of a workplace.

10 Business Information:
We oftentimes refer to confidential business information as “proprietary information” or “trade secrets.” This refers to information that’s not generally known to the public and would not ordinarily be available to competitors except via illegal or improper means. Common examples of “trade secrets” include manufacturing processes and methods, business plans, financial data, budgets and forecasts, computer programs and data compilation, client/customer lists, ingredient formulas and recipes, membership or employee lists, supplier lists, etc. “Trade secrets” does not include information that a company voluntarily gives to potential customers, posts on its website, or otherwise freely provides to others outside of the company.

11 What Steps Can Be Taken To Better Protect Confidential Information?
Develop written confidentiality policies and procedures: Every business/organization should have a written confidentiality policy (typically in its employee handbook) describing both the type of information considered confidential and the procedures employees must follow for protecting confidential information. At the very least, we recommend employers adopt the following procedures for protecting confidential information: Separate folders should be kept for both form I-9s and employee medical information. All confidential documents should be stored in locked file cabinets or rooms accessible only to those who have a business “need-to-know.” All electronic confidential information should be protected via firewalls, encryption and passwords. Employees should clear their desks of any confidential information before going home at the end of the day. Employees should refrain from leaving confidential information visible on their computer monitors when they leave their work stations. All confidential information, whether contained on written documents or electronically, should be marked as “confidential.” All confidential information should be disposed of properly (e.g., employees should not print out a confidential document and then throw it away without shredding it first.)

12 Employees should refrain from discussing confidential information in public places.
Employees should avoid using to transmit certain sensitive or controversial information. Limit the acquisition of confidential client data (e.g., social security numbers, bank accounts, or driver’s license numbers) unless it is integral to the business transaction and restrict access on a “need-to-know’ basis. Before disposing of an old computer, use software programs to wipe out the data contained on the computer or have the hard drive destroyed. A confidentiality policy should also describe the level of privacy employees can expect relating to their own personal property (e.g., “for your own protection, do not leave valuable personal property at work and do not leave personal items — especially your purse, briefcase or wallet — unattended while you are at work”) and personal information (e.g., “your medical records are kept in a separate file and are kept confidential as required by law”). Finally, all businesses/organizations should have their confidentiality policies reviewed to ensure compliance with state law. For example, the New York Employee Personal Identifying Information Law, which became effective January 3, 2009, requires the creation of policies and procedures to prevent the prohibited use of “personal identifying information” and requires employers notify employees of such policies and procedures.

13 Train management and employees on confidentiality policy:
Train management and employees on confidentiality policy: Oftentimes, simply having a written confidentiality policy is not enough. In order for the confidentiality policy to be effective, managers, supervisors and employees must be educated on confidentiality issues and the company’s policies and procedures. Management and employees should be allowed an opportunity to ask questions about the policies, and everyone should be trained to avoid putting sensitive information in s. Many companies and organizations include this training as part of the new-hire/orientation process. Management should also be instructed as to the proper way of communicating with the company’s inside and outside counsel so as to ensure that certain work-related documents and s are protected by the attorney-client privilege.

14 Enforce Confidentiality Policy:
This is one of the most important steps a business/organization can take to protect its confidential information, and unfortunately, it’s oftentimes the one step that is ignored. All the policies, procedures and training in the world will not matter if those policies and procedures are not enforced. In order for a confidentiality policy to have “teeth,” employees who violate the policy must be disciplined in accordance with an employer’s corrective action procedures. What can toxic employees do? Weaker employees who can’t combat this or don’t really understand what's happening can become victims of this virus; these victims often can't discern or differentiate antagonism from positive criticism, can't separate forming negative coalitions from simply agreeing with colleagues. New employees who don’t understand your unit or agency’s dynamics can get pulled into the web—the toxic person can often be friendly to new people, inclusive, welcoming—and the hew folks won’t know that they are being lured into the spider’s web. Because neither employees nor organizations are immune from employees with toxic, negative attitudes and behaviors, as the boss, you have to be aware of the signs, symptoms and impact of toxic people.

15 Consider or Do you have? Consider Having New and/or Current Employees Sign a “Non-Disclosure” Agreement: These agreements go by many names.  Sometimes they are called “non-disclosure agreements,” and other times they are called “proprietary information agreements.” Regardless of title, these agreements are contracts designed to protect the confidential “business information” described above (e.g., “trade secrets”). These agreements are vital to most businesses today, especially considering the ease in which employees can now electronically transfer large amounts of information, much of which would be incredibly damaging in the hands of a competitor.

16 Prevention & Deterrence
When it comes to confidentiality, prevention and deterrence is key. The first question we ask our clients when they contact us in response to a potential confidentiality breach is “do you have a confidentiality policy and/or non-disclosure agreement?” The stronger your policies and agreements, the better you are prepared to take quick and effective action to protect your business/organization. Of course, we are always available to counsel employers in the area of confidentiality and to develop policies and agreements that provide businesses with the proper safeguards.

17 A few examples of maintaining confidentiality?
Keep care plans in folders and not in general areas (eg lounge, kitchen) Not discussing information with any other than legally involved (sometimes this includes family) Not having a discussion with clients in lobbys or sharing information in general public. Go to a private area or shutting doors when having a discussion. Keeping client information in a safe area at your desk or in a locked cabinet and not taking them out of the office. Having permission to pass on information. Not talking about a patients status with anyone unless they are directly related to the care of the patient, that includes family and spouses. Keeping computers with patient info locked if you walk away. (keeping some of the stalkers away) Not discussing patient or specifics while on break or in the employee dining areas. (non professional to discuss who has herpes at lunch) Only give patient info if there is a release of information signed by the patient, (even if they say that they are related unless you can identify them and have a release deny it) keeping records and data securely by having passworded computers, locked offices and files in locked cupboards. Verify that people seeking info are authorised. Dont gossip about people in the workplace or at least have the door closed.

18 Why must we fix this? Because things generally don’t self- correct.
Because one bad apple can spoil the entire barrel. Because this is a customer service job. Because the rest of your unit knows and is wondering what you are going to do about it. What can toxicity lead to? A  decrease in or lack of productivity A decrease in or poor morale An increased frequency in arguments between the employee and others A sense that the employee is increasingly frustrated because "things just aren't going right" A negative, antagonistic attitude An increase in negative comments and personal attacks An unwillingness to work overtime or stay late without reason An unwillingness to "go the extra mile" while encouraging others to refuse as well Other symptoms include infighting, backbiting, passive/aggressive behavior (aggressive actions done in a passive or weak manner), arguments or criticisms for the sake of being different or antagonistic, and an unwillingness to help out others in a culture that values providing input and assistance to colleagues.

19 Discussion? Questions? Thanks for coming, enjoy the conference.
Dana Boothe, New Kent DSS ext 5111 Darlene Chamberlain, King William DSS

Download ppt "CONFIDENTIALITY Do you know what it is?"

Similar presentations

31511230/0403 © 2004 Business & Legal Reports, Inc. BLRs Training Presentations Privacy Issues in the Workplace.

/0403 © 2004 Business & Legal Reports, Inc. BLRs Training Presentations Privacy Issues in the Workplace.
Confidentiality: What Is Our Responsibility?

Confidentiality: What Is Our Responsibility?
Protect Our Students Protect Ourselves

Protect Our Students Protect Ourselves
Privacy and Information Security Training (2006-07) VUMC Privacy Website www.mc.vanderbilt.edu/privacy.

Privacy and Information Security Training ( ) VUMC Privacy Website
HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.

HIPAA. What Why Who How When What Is HIPAA? Health Insurance Portability & Accountability Act of 1996.
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA.

HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.

National Health Information Privacy and Security Week Understanding the HIPAA Privacy and Security Rule.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.

1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
NAU HIPAA Awareness Training

NAU HIPAA Awareness Training
COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.

COMPLYING WITH HIPAA PRIVACY RULES Presented by: Larry Grudzien, Attorney at Law.
HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.

HIPAA HIPAA Health Insurance Portability and Accountability Act of 1996.
Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.

Ethics Ethics are the rules of personal behavior and conduct established by a social group for those existing within the established framework of the social.
FERPA: Family Educational Rights and Privacy Act.

FERPA: Family Educational Rights and Privacy Act.
1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.

1 GRAND VALLEY STATE UNIVERSITY FAMILY EDUCATIONAL RIGHTS & PRIVACY ACT (FERPA) TRAINING OFFICES OF THE REGISTRAR AND UNIVERSITY COUNSEL JANUARY 20, 2009.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)

HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
Confidentiality… important facts to know and critical things to do!

Confidentiality… important facts to know and critical things to do!
HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: www.mc.vanderbilt.edu/HIPAA HIPAA Basic.

HIPAA Basic Training for Privacy and Information Security Vanderbilt University Medical Center VUMC HIPAA Website: HIPAA Basic.
CONFIDENTIALITY GUIDELINES FOR PA STAFF Based on HIPAA Regulations & General Confidentiality Protocols.

CONFIDENTIALITY GUIDELINES FOR PA STAFF Based on HIPAA Regulations & General Confidentiality Protocols.
HIPAA PRIVACY AND SECURITY AWARENESS.

HIPAA PRIVACY AND SECURITY AWARENESS.
Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Privacy and Security of Protected Health Information NorthPoint Health & Wellness Center 2011.

Similar presentations

Ads by Google