Common use of CONFIDENTIALITY AND SECURITY OF CLIENT INFORMATION Clause in Contracts

CONFIDENTIALITY AND SECURITY OF CLIENT INFORMATION. The Provider will ensure compliance with the Health Insurance Portability & Accountability Act of 1996 (HIPAA), the Health Information Technology for Economical and Clinical Health Act of 2009 (HITECH), and 45 C.F.R. 160 and 164, if applicable, and other federal and state requirements for the privacy and security of protected health information the Provider receives, maintains, or transmits, whether in electronic or paper format. Client information is confidential and cannot be released without the HIPAA-compliant written authorization of the client and DHSS, except as permitted by other state or federal law. By entering into this Agreement the Provider acknowledges and agrees to comply with the Privacy and Security Procedures for Providers as set forth in Appendix F to this Agreement. DHSS has also adopted a platform called Direct Secure Messaging (DSM), which meets HIPAA requirements for data encryption. Do not, under any circumstances, send Electronically Protected Health Information (EPHI) or other sensitive data in email. In order to transfer these files in a HIPAA-compliant manner through email, the provider must use DSM. Additionally, DSM must be used only for the transfer of EPHI or other sensitive data, and not for other communications. Please review the FAQs about DSM at this link: xxxx://xxxx.xxxxxx.xxx/hit/pages/direct-secure- messaging.aspx and information concerning the Alaska Personal Information Protection Act at xxxx://xxx.xxx.xxxxx.xx.xx/department/civil/consumer/4548.html Any information about General Relief clients that is obtained or developed under General Relief Provider Agreements or via the General Relief Program is confidential. Client information cannot be released without the written authorization of the Division, except as permitted by other state or federal law. In the event that the Provider is requested to transmit information, all personally identifiable client information transmitted from the Provider must be sent through DSM to Xxxxxxx.Xxxxxx@xxx.xxx.xxxxxxxx.xxx or mail. Regular email (yahoo, gmail, etc.) may not be used to communicate confidential client information. To transfer or email any form of communication using a consumer’s name and personal information, you must use DSM. If there are any questions, the Provider must call or email the General Relief Program for guidance.

CONFIDENTIALITY AND SECURITY OF CLIENT INFORMATION. The Provider will ensure compliance with the Health Insurance Portability & Accountability Act of 1996 (HIPAA), the Health Information Technology for Economical and Clinical Health Act of 2009 (HITECH), and 45 C.F.R. 160 and 164, if applicable, and other federal and state requirements for the privacy and security of protected health information the Provider receives, maintains, or transmits, whether in electronic or paper format. Client information is confidential and cannot be released without the HIPAA-compliant written authorization of the client and DHSS, except as permitted by other state or federal law. By entering into this Agreement the Provider acknowledges and agrees to comply with the Privacy and Security Procedures for Providers as set forth in Appendix F B to this Agreement. DHSS has also adopted a platform called Direct Secure Messaging (DSM), which meets HIPAA requirements for data encryption. Do not, under any circumstances, send Electronically Client information transmitted through Telehealth video teleconferencing is considered to be Protected Health Information (EPHI) or other sensitive data in email. In order to transfer these files in a HIPAA-compliant manner through email, the provider must use DSM. Additionally, DSM and must be used only for protected under the transfer of EPHI or other sensitive data, and not for other communicationsapplicable privacy laws. Please review the FAQs about DSM at this link: xxxx://xxxx.xxxxxx.xxx/hit/pages/direct-secure- messaging.aspx and There should be no additional information concerning the Alaska Personal Information Protection Act at xxxx://xxx.xxx.xxxxx.xx.xx/department/civil/consumer/4548.html Any information about General Relief regarding clients that is obtained or developed under General Relief the Provider Agreements or via the General Relief Program is confidentialmust transmit to DHSS. Client information cannot be released without the written authorization of the DivisionHowever, except as permitted by other state or federal law. In in the event that the Provider is requested to transmit information, all personally identifiable client information transmitted from the Provider must be sent through DSM to Xxxxxxx.Xxxxxx@xxx.xxx.xxxxxxxx.xxx or mail. Regular email (yahoo, gmail, etc.) may not be used to communicate confidential client information. To transfer or email any form of communication using a consumer’s name and personal information, you must use DSMfax. If there are any questions, the Provider must call or email the General Relief Telehealth Program Coordinator. To protect confidentiality, the Provider must first establish the mechanism for guidancea secure electronic file transfer (DSM). Or, the Provider may fax the information to the Telehealth Program Coordinator, after clearly identifying it as confidential on the cover page of the fax transmission. Alternatively, the Provider may submit hard copy information in a sealed envelope, stamped “confidential” placed inside another envelope. This information must be sent by certified, registered or express mail, or by courier service, with a requested return receipt to verify that it was received by the appropriate individual or theTelehealth Program Coordinator.

CONFIDENTIALITY AND SECURITY OF CLIENT INFORMATION. The Provider will ensure compliance with the Health Insurance Portability & Accountability Act of 1996 (HIPAA), the Health Information Technology for Economical and Clinical Health Act of 2009 (HITECH), and 45 C.F.R. 160 and 164, if applicable, and other federal and state requirements for the privacy and security of protected health information the Provider receives, maintains, or transmits, whether in electronic or paper format. Client information is confidential and cannot be released without the HIPAA-compliant written authorization of the client and DHSSDOH, except as permitted by other state or federal law. By entering into this Agreement Agreement, the Provider acknowledges and agrees to comply with the Privacy and Security Procedures for Providers as set forth in Appendix F D to this Agreement. DHSS DOH has also adopted a platform called Direct Secure Messaging (DSM), which meets HIPAA requirements for data encryption. Do not, under any circumstances, send Electronically Protected Health Information (EPHI) or other sensitive data in email. In order to transfer these files in a HIPAA-HIPAA- compliant manner through email, the provider Provider must use DSM. Additionally, DSM must be used only for the transfer of EPHI or other sensitive data, and not for other communications. Please review the FAQs about DSM at this link: xxxx://xxxx.xxxxxx.xxx/hit/pages/direct-secure- messaging.aspx DOH DSM Home Page and information concerning the Alaska Personal Information Protection Act at xxxx://xxx.xxx.xxxxx.xx.xx/department/civil/consumer/4548.html Department of Law Alaska Personal Information Act. Any information about General Relief clients ACL Program residents that is obtained or developed under General Relief ACL Provider Agreements or via the General Relief ACL Program is confidential. Client Resident information cannot be released without the written authorization of the DivisionDOH, except as permitted by other state or federal law. In the event that the Provider is requested to transmit information, all personally identifiable client resident information transmitted from the Provider must be sent through DSM to Xxxxxxx.Xxxxxx@xxx.xxx.xxxxxxxx.xxx or mailto: xxx.xxx.xxxxxxxxxx@xxx.xxx.xxxxxxxx.xxx. Regular email (Gmail, yahoo, gmail, etc.) may not be used to communicate confidential client resident information. To transfer or email any form of communication using a consumerresident’s name and personal information, you must use DSM. If there are any questions, the Provider must call or email the General Relief ACL Program for guidance. Information regarding the ACL Program, including contact information, can be found at the Alaska Community Living (ACL) Program Website.