Destruction of EPF printed material
Drexel University Clinical Covered Entities
Privacy Program Policies and Procedures
Policy Title: Destruction of EPF printed material
Policy Number: IM-21
Effective Date: March 1, 2004; September 23, 2013
Last Revision: September 1, 2017
Responsible Officer: Vice President, Chief Compliance, Privacy and Internal Audit Officer
Table of Contents
This policy applies to all Covered Entities within Drexel University.
Covered entities are defined in the HIPAA rules as (1) health plans, (2) health care clearinghouses, and (3) health care providers who electronically transmit any health information in connection with transactions for which HHS has adopted standards.
Drexel University (DU) requires that Risk, Compliance and Quality Assurance department staff granted "view" and "print" access to the American Academic Health System (AAHS) Electronic Patient Folder (EPF) be limited to use of the printed information for physician education purposes. The printed information is not to be copied or distributed and is to be utilized for the duration of the physician education/clarification session. All printed EPF documents will be returned to the office space of the authorized user for destruction by shredding.
Risk Staff means the Director of Risk Management in the Office of General Counsel.
Compliance Staff means the Executive Director of Compliance Services and the Compliance analysts reporting to the Vice President, Chief Compliance and Privacy Officer.
Quality Assurance Staff means the Director of Quality Assurance.
This policy applies to DU Compliance & Privacy, Quality Assurance and Risk Management staff.
Information that falls under this policy includes any EPF based material that has been printed. Use is permissible given the Joint Notice of Privacy Practices presented each patient by AAHS on behalf of AAHS and DU. Destruction after educational intervention with the physician is a condition of use required by AAHS and agreed to by DU.
Back to Top