Eye Hospital : Documented policies and procedures for maintaining confidentiality, integrity and security of records, data and information

 

Documented procedures exist for maintaining confidentiality, security and integrity of information as mentioned below.

SOP for maintaining Confidentiality, Security and Integrity of information.
Sr. No.	Process Flow	Responsibility
1	The patients are the owners of their medical record and in no form it should be made available to any third party without written authorization from the patient. Medical records are stored by the staff. Access to the Medical Record is limited to authorized staff.	Asst. Manager /Receptionist
2	The patient’s relatives require written authorization from the patient to obtain information from the medical record. The administrator or members of the Quality team (for audit reasons), or court-of-law or police (for legal reasons) may have access to information within medical record with an approved written request. The patients and the TPAs (for financial reasons) are given,(if needed) Xerox copies while retaining the original with the establishment.	Asst. Manager & Staff
3	Once the patient is discharged from RDEH, the medical records are stored in the Hospital.	Asst. Manager
4	The Reception Staff is responsible for proper storage, retrieval, and maintenance of confidentiality and security of the record.	Reception Staff
5	The Administrator is the overall supervisor of the medical records, from generation, storing, until destruction. All the staff members are equally responsible for maintaining integrity of the record while generating or handling it.	Asst. Manager & All Staff
6	The record means both in paper or digital form whether they are generated inside or sourced from outside. The integrity, confidentiality needs to be maintained in both the cases.	Asst. Manager
7	The Staff is informed that the record is the property of the RDEH and cannot be parted with to anyone at any cost. In case of violation, legal action can be initiated. Management views any violation with zero tolerance and staff is made aware about this policy.	Asst. Manager

 

Privileged health information is used for the purposes identified or as required by law and not disclosed without the patient’s authorization. This information is useful while executing treatment plan and various precautions to be taken during this process.