If you have a HIPAA privacy question or concern, please call either the HIPAA Privacy Department within the Office of University Compliance at 954-262-4241, or your designated HIPAA Liaison, or the NSU Ethics and Compliance Reporting Hotline at 888-609-NOVA (6682), if you wish to remain anonymous.
The HIPAA Privacy Rule and NSU Health Care Component HIPAA Privacy Policies generally require that we access, use, and disclose only the minimum amount of protected health information (PHI) necessary to complete a work-related duty, and that we do so only when the PHI is needed for that specific task. For example:
Put them in the locked shredder bin in your area. Make sure you always leave your workspace free of paper protected health information (“PHI”) before you leave at the end of your day.
Please refer to Nova Southeastern University's Records Management and Destruction Policy located at https://www.nova.edu/records/policies-and-procedures.html.
Misdirected faxes received by NSU Health Clinics and/or other NSU departments from non-NSU health care facilities may expose non-NSU health care facility patient and other confidential information to individuals who are not authorized to see that information. In the event of this occurrence please proceed as follows:
No, you must use your work access for work-related purposes only. However, you may use the NSU patient portal to access your own health records.
No, in this case, viewing your spouse’s lab results is not job-related and therefore is prohibited. You may only use your work access to view the health records of a family member (or other individual) when necessary to do your job.
Safeguard protected health information (“PHI”) at home just as you would if working on campus.