MTSOA Privacy Policy 2019

Medical Technology Solutions of America, (MTSOA), seeks to protect the privacy of Protected Health Information received from MTSOA customers regarding their patients. MTSOA will not use or disclose Protected Health Information received from MTSOA customers except as authorized by MTSOA customer contracts or otherwise permitted under these policies. In performance of their duties, MTSOA IC's shall request from MTSOA customers only the minimum amount of PHI necessary in order to perform services for the customer.

MTSOA contractors may not disclose Protected Health Information to any person or entity.

Whenever possible MTSOA Independent Contractors (IC) who use Protected Health Information in paper form will discard such information after use. MTSOA IC's who discard Protected Health Information shall shred paper copies of such information prior to discarding.

Where Health Information is stored by MTSOA IC's on electronic media, access to such information shall be limited to IC's who require access to perform their job duties.

Workstation Use:

SCOPE:
These policies and procedures apply to all IC's of MTSOA.

POLICY:

• MTSOA is entrusted by customers and required by contract and law to ensure the privacy and security of individually identifiable health information.

• MTSOA takes reasonable and appropriate steps to maintain polices and procedures to comply with the Privacy and Security Rules and Regulation related to HIPAA.

SECURITY AND PROPRIETARY INFORMATION:

• Keep passwords secure and do not share accounts. Authorized users are responsible for the security of their passwords and accounts. System level passwords should be changed quarterly, user level passwords should be changed every six months.

• All PC's, laptops, and workstations should be secured with a password-protected screen saver with automatic activation feature set at 10 minute or less, or by logging-off when the host will be unattended.

• Postings to newsgroups by IC's from MTSOA email address should contain a disclaimer stating that the opinions expressed are strictly their own and not necessarily those of MTSOA, unless posting is in the course of business.

PROHIBITED ACTIVITY:

The following activities are strictly prohibited, with no exceptions:

• Revealing your account password others or allowing use of your account by others. This includes family and other household member when work is being done at home.

• Sending Protected Health Information via unencrypted email.

• Storing Protected Health Information on computer unless being used to complete job function.