Resources

Related Links

Guide to Open Notes and Results Release 

Open Notes and Results Release refer to the automatic release of clinical notes and results to patients and their proxies via the Connect Patient Portal, unless a clinician prevents the release due to allowable exceptions to prevent physical harm or protect patient privacy. The goal is to improve patient engagement and access to their electronic health information by preventing health information blocking.         

Health Care Terms 2022

Greater New York Hospital Association (GNYHA) created Health Care Terms 2022 to help care professionals and others understand commonly used health care terms and acronyms.        

ColumbiaDoctors
ColumbiaDoctors is the faculty medical practice of Columbia University Irving Medical Center; it includes more than 1,700 physicians, dentists, and nurses in more than 230 specialties and subspecialties. ColumbiaDoctors is affiliated with NewYork-Presbyterian, the No. 1 hospital in the New York area and one of the top 10 hospitals in the nation, according to U.S. News & World Report.

Human Research Protection Office and IRBs
The mission of the CU IRB is to enhance and facilitate the ethical conduct of human subjects research conducted by Columbia, and by Columbia faculty, regardless of location. The CU IRB will perform this mission through its review of human subjects research, its educational and training initiatives, and its compliance oversight and quality improvement programs.

Case Report Authorization Form
The signed Case Report Authorization Form should be placed in the patient's medical record. The AAMC's Guidance on Patient Privacy and the Publication or Dissemination of Case Reports document should be reviewed.

IRB Case Report Policy

A case report is a description of (a) the course of medical treatment with one or more patients that has a unique outcome or (b) the handling of a unique clinical case; which in either case did not involve the investigator having any research intent at the time of the intervention [i.e., no prospective plan to systematically evaluate the outcome for purposes other than treating the particular patient(s)].   

Information Security Policies and Procedures
The Information Security Office (ISO), part of CUIMC IT, facilitates all aspects of information security risk management at CUIMC, with a particular focus on threat management and HIPAA compliance. This includes administration and enforcement of information security policies on campus. ISO also provides guidance to CUIMC Schools and Departments regarding any information security concerns they may have.

Social Security Number Protection Act

NY State Social Security Number Protection Act Summary was created to help keep social security numbers more private. The law applies to Federal, state, and local agencies from displaying a social security number or part of a social security number.    

HIPAA Media Authorization Form

Columbia University communication authorization.        

Privacy Newsletter October 2021 

A significant number of healthcare workers continue to work remotely. While there are benefits to remote work, there are also significant challenges and risks.                                                                                                                                                                                                                                                      

 

External Links

US Department of Health and Human Services HIPAA Website
US Department of Health and Human Services Health Information Privacy website where you will find information for individuals, how to file a complaint, HIPAA information for professionals, contact information for the Office for Civil Rights.

Family Educational Rights and Privacy Act
The Family Educational Rights and Privacy Act (FERPA) (20 U.S.C. § 1232g; 34 CFR Part 99) is a Federal law that protects the privacy of student education records. The law applies to all schools that receive funds under an applicable program of the U.S. Department of Education.

Disposal of Protected Health Information
The HIPAA Privacy Rule requires that covered entities apply appropriate administrative, technical, and physical safeguards to protect the privacy of protected health information (PHI), in any form. See 45 CFR 164.530(c). This means that covered entities must implement reasonable safeguards to limit incidental, and avoid prohibited, uses and disclosures of PHI, including in connection with the disposal of such information.

Record Retention Grid
The Greater New York Hospital Association (GNYHA) developed the attached comprehensive records retention grid including the related legal citation.   Refer to the Columbia University Policy on Records Retention posted in the Administrative Policy Library for additional information.

Information-Sharing Between Hospitals and Law Enforcement
The Greater New York Hospital Association (GNYHA) developed the attached Information-Sharing Between Hospitals and Law Enforcement document to assist members with interactions with law enforcement.