This system will allow persons authorized by Department of Public Health (DPH) to access protected health information about individuals for reporting and treatment purposes. This information is entitled to significant privacy protections under federal and state law. The Health Insurance Portability and Accountability Act of 1996 (HIPAA) permits a covered entity to use and disclose protected health information without written authorization if the use or disclosure is for treatment, payment, or health care operations. However, HIPAA requires covered entities to have in place appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information. The disclosure of this information to unauthorized persons or for unauthorized purposes is prohibited without the written consent of the person who is the subject of the information, unless specifically permitted by federal or state law. Unauthorized disclosures of this information may result in significant criminal or civil penalties, as well as punishment up to and including the termination of employment. Failure to properly logout of SENDSS can result in an unauthorized disclosure. Any unauthorized disclosures will be investigated promptly and thoroughly prosecuted.
Agreeing with the Privacy Statement confirms your status as an authorized SENDSS user who is accessing the database only for reporting and treatment purposes. Agreeing with the Privacy Statement also confirms that as an authorized SENDSS user you will reasonably safeguard protected health information from any use or disclosure that is in violation of the Privacy Statement or state and federal law.
Source: HIPAA, 45 CFR ?? 164.502, 164.506, 164.530.