- Grant of Access
Subject to Section 2 below and contingent upon my agreement to comply with the following terms and conditions ("Terms") and my affirmation that I have received HIPAA training, I understand and agree that I have been granted a limited right to access PhysicianLink. Use of PhysicianLink other than as outlined in these Terms is strictly prohibited and will result in the loss of access privileges, and other actions, as further set forth below.
- Review of Access Applications
Penn Medicine will review my access application and will approve or disapprove such application at its sole discretion.
-
Permissible System Use
I will only use PhysicianLink to access PHI of Penn Medicine patients to carry out treatment duties to such patients or to perform other functions for which access has been granted under this agreement.
I understand that I may only use PhysicianLink and information accessed through PhysicianLink to (1) coordinate or manage the health care of my patients; (2) obtain reimbursement for the provision of health care to my patients; (3) engage in limited health care operations related to my patients and my practice as allowed by law; or (4) if requested by Penn Medicine, test PhysicianLink and provide feedback to Penn Medicine administration.
I understand that accessing my electronic health record out of curiosity or for non-business-related reasons is outside the performance of my job duties and is therefore prohibited.
- To request access to my health record, I may contact the Health Information Management/Medical Records Department.
- I may also access and manage my records online through my personal MyChart by myPennMedicine account.
I will adhere to any PhysicianLink use guidelines provided by Penn Medicine, including PhysicianLink instructional and training materials. If I am unsure of whether a particular use of PhysicianLink is appropriate, I will confirm with my practice’s Site Administrator or a Penn Medicine representative before making such use of PhysicianLink.
-
Confidential PhysicianLink Data
In using PhysicianLink, I may gain access to certain confidential and/or proprietary information, including but not limited patient's protected health information ("PHI"), patient family information, and other confidential Penn Medicine information (together, "PhysicianLink Data"). Certain information, including alcohol and drug abuse, mental health, HIV/AIDs, other sexually transmitted diseases, and genetic information, is highly sensitive and subject to additional protections under applicable privacy laws, such as requiring the consent of the patient before disclosure. Penn Medicine may limit the availability of such information through PhysicianLink. I hereby agree to protect and keep all such PhysicianLink Data confidential and not to disclose it to others, including other employees, patients, patient family members, and other third parties unless I am otherwise authorized by Penn Medicine, the patient (for patient-specific information), or where required by law. I will comply with all applicable privacy and confidentiality laws, including HIPAA and HITECH, and relevant state privacy laws. My signature below is my affirmation that I have received HIPAA training.
I further agree to do the following to protect PhysicianLink Data:
- Promptly report to Penn Medicine any breach of security or confidentiality of which I become aware, including but not limited to any unauthorized use or disclosure of any PhysicianLink Data;
- Take appropriate precautions to ensure that patients, visitors, or unauthorized personnel will not be able to see the computer screen during access to PhysicianLink;
- Promptly notify Penn Medicine of any request for PhysicianLink Data from a court, governmental agency, or any other source, and, before disclosing any such data, provide Penn Medicine sufficient opportunity to oppose such disclosure or take other appropriate action;
- Implement reasonable administrative, physical, and technical safeguards to prevent unauthorized access, use, or disclosure of PhysicianLink Data, and comply with all security-related terms herein: and
- Advise patients requesting access or amendment regarding their medical records that these requests must be addressed to Penn Medicine directly.
-
Password Protection and Security
I understand that Penn Medicine has implemented administrative, technical, and physical safeguards to protect the privacy of PHI and other PhysicianLink Data. To access PhysicianLink, I will be granted a unique user ID and password. I agree that I will not (1) share my password or access information with anyone; (2) allow or assist anyone to access PhysicianLink who is not an authorized user; (3) use someone else’s password; or (4) compromise the privacy or security of the PhysicianLink Data.
I understand that I am responsible for any use of PhysicianLink utilizing my user ID and password. This includes data entered, viewed, printed, or otherwise manipulated. If I believe that another person has obtained my password, I will inform Penn Medicine and change my password as soon as reasonably practical. I will not alter PhysicianLink Data or PhysicianLink software in any way. If I believe the software has been altered or suspect that there is any problem due to unauthorized data alteration or destruction, I will stop using it immediately and report the problem to Penn Medicine.
- Audit and Sanction; Deactivation of Account
Penn Medicine may audit my access to PhysicianLink and investigate directly cases of potential inappropriate access. This may include conducting interviews and I agree to reasonably cooperate with such investigations. Should it be determined that I have inappropriately used or disclosed PhysicianLink Data, or otherwise breached these Terms, Penn Medicine may terminate this agreement, deactivate my access to PhysicianLink , and/or I may be subject to another form of sanction including but not limited suspension or revocation of my medical or auxiliary staff privileges at Penn Medicine if any. I understand that Penn Medicine may deactivate my PhysicianLink access at any time and for any reason in its sole discretion, with sufficient notice so as not to compromise patient care or safety. If my account is deactivated, I agree to stop using my user ID and password immediately and will not attempt to access PhysicianLink thereafter. If my access, employment, and/or affiliation are terminated for violations of these terms, I may not be allowed to access Penn Medicine information systems even if I become employed by another health care provider or company.
- Term
These Terms take effect on the date on which this agreement is signed and will remain in effect until my access to PhysicianLink is deactivated by Penn Medicine. If my employment or association with the practice named below ends, I will inform my Penn Medicine representative within 10 days of such change to terminate or modify my PhysicianLink access.
- Miscellaneous
I understand that Penn Medicine may periodically update these Terms, and that my ongoing use of PhysicianLink represents my acceptance of any such changes. These Terms govern all use of PhysicianLink, notwithstanding any other agreements I, or my practice, may have entered into previously with Penn Medicine and/or the University of Pennsylvania Health System (“UPHS”).