Idaho Falls Employment Health Clinic (IFEHC) maintains binders for both its HIPAA Privacy Rule and HIPAA Security Rule compliance programs. For questions, reach out to IFEHC's HIPAA Privacy and Security Compliance Officer at HIPAA@ifehc.com. Note that all links are more likely to work with Mozilla Firefox.
All covered entities are required to have a HIPAA Privacy Compliance Binder. This document is required to contain applicable policies as well as documentation. This document and the remaining contents on this page form the bulk of the binder. A few of the contents are NOT available on the website, because they constitute sensitive informa
All covered entities are required to have a HIPAA Privacy Compliance Binder. This document is required to contain applicable policies as well as documentation. This document and the remaining contents on this page form the bulk of the binder. A few of the contents are NOT available on the website, because they constitute sensitive information. They are available in the clinic to entities with appropriate credentials. This document was compiled by IFEHC's HIPAA Compliance Officer (HIPAA@ifehc.com).
This document serves as the binder's table of contents. Items are grouped into three categories: 1 - Specific Documents, 2 - Forms, 3 - Documentation/Reports.
All Covered Entities (i.e., IFEHC) are required to name a HIPAA Compliance Officer. That individual is responsible for compiling and updating this binder, providing training to all personnel, and ensuring compliance.
The current HIPAA Compliance Officer is the Medical Director. IFEHC's Compliance Officer can be reached by e-mail at HIPAA@I
All Covered Entities (i.e., IFEHC) are required to name a HIPAA Compliance Officer. That individual is responsible for compiling and updating this binder, providing training to all personnel, and ensuring compliance.
The current HIPAA Compliance Officer is the Medical Director. IFEHC's Compliance Officer can be reached by e-mail at HIPAA@IFEHC.com or in writing at the clinic's address (see website header).
IFEHC holds its personnel to more stringent standards than applicable law or even industry culture. IFEHC provides ongoing didactic training that includes security awareness and gives its own final examination. Failure to pass IFEHC's final examination on the first attempt is considered an inability to perform essential job functions and
IFEHC holds its personnel to more stringent standards than applicable law or even industry culture. IFEHC provides ongoing didactic training that includes security awareness and gives its own final examination. Failure to pass IFEHC's final examination on the first attempt is considered an inability to perform essential job functions and is grounds for instant termination. Personnel can be sanctioned at any point if the Compliance Office and/or Medical Director deem them inefficient.
Successful completion of HIPAA training on the first attempt is regarded as a fundamental requirement of employment at IFEHC. The exam is 45 questions administered over 60 minutes with a predetermined pass level.Failure to do so is grounds for instant termination.
Click the link to be directed to a practice test comparable in content and d
Successful completion of HIPAA training on the first attempt is regarded as a fundamental requirement of employment at IFEHC. The exam is 45 questions administered over 60 minutes with a predetermined pass level.Failure to do so is grounds for instant termination.
Click the link to be directed to a practice test comparable in content and difficulty. The estimated pass level for this practice examination is 65%.
IFEHC implements and maintains a variety of administrative, physical, and technical safeguards designed to protect the privacy, security, and integrity of patient information.
IFEHC uses paper charts. It retains records and related policies for a minimum of six (6) years or indefinitely if it has good faith reason to be believe that the records will be germane to legal proceedings.
IFEHC complies with all applicable privacy laws. However, be advised that there are exceptions prescribed by statutes. They specify circumstances when there is a duty to disclose to other parties (e.g., the employer or the public) need-to-know information. Should such a circumstance arise, IFEHC will make all efforts to limit the scope of
IFEHC complies with all applicable privacy laws. However, be advised that there are exceptions prescribed by statutes. They specify circumstances when there is a duty to disclose to other parties (e.g., the employer or the public) need-to-know information. Should such a circumstance arise, IFEHC will make all efforts to limit the scope of information disclosed to what is legally required. To access IFEHC's Privacy policy, click the link below. For additional questions, reach the HIPAA Compliance Officer at HIPAA@IFEHC.com.
This document is a summary of Document #134: IFEHC's Privacy Practices Policy. It is available here (i.e., online), it is posted in the clinic, and it is given to each patient as a handout. Patients (or their representatives) must sign an acknowledgement of receiving and understanding this policy (Document #135) in order to receive servic
This document is a summary of Document #134: IFEHC's Privacy Practices Policy. It is available here (i.e., online), it is posted in the clinic, and it is given to each patient as a handout. Patients (or their representatives) must sign an acknowledgement of receiving and understanding this policy (Document #135) in order to receive services. For additional questions, reach the HIPAA Compliance Officer at HIPAA@IFEHC.com.
Covered Entities are required to obtain a good faith effort to receive written acknowledgement of the Notice of Privacy Practices (Document #135). Of note, IFEHC's NPP asks patients to indicate if they would like to restrict the means of requesting their medical records or the media on which they are produced. Patients are advised to prov
Covered Entities are required to obtain a good faith effort to receive written acknowledgement of the Notice of Privacy Practices (Document #135). Of note, IFEHC's NPP asks patients to indicate if they would like to restrict the means of requesting their medical records or the media on which they are produced. Patients are advised to provide a verbal password and hint in case they decide to make verbal medical records requests.
IFEHC is required to have a policy in place to handle breaches. The handling of breaches depends on the nature and the extent of the breaches. If qualified individuals at IFEHC determines a material breach occurs, appropriate entities (including the individuals whose PHI was breached) must be notified.
IFEHC currently has no HIPAA-covered Business Associates. That means that IFEHC does NOT share patient information with any third party other than to comply with regulation.
IFEHC has policies in place for reporting to the certain events, such as material breaches of HIPAA. IFEHC has NOTHING to report at the moment. If it did, it would report BOTH the home page and in this section.
The IFEHC Binder has legally mandated documentation whose content the Compliance Officer deemed inappropriate to post. The contents of such material can be accessed at the IFEHC Office by entities who demonstrate appropriate credentials.
Idaho Falls Employment Health Clinic (IFEHC)
2539 Channing Way Ste 260, Idaho Falls, ID 83404-7558 in Idaho Falls Medical District
T 208-932-4932, F 208-932-4935
All contents on this site, including downloadable files (unless otherwise credited), are the intellectual property of D.M. Boren, M.D., the Medical Director. Materials may be used for private consumption. Written authorization must be sought for each commercial use. D.M. Boren, M.D. and Idaho Falls Employment Health Clinic, PLLC must be given intellectual credit each time Dr. Boren’s materials are reproduced for any purpose (whether private or commercial).