• Abstract and Figures
• Public Full-text

DEPARTMENT: Information Systems - POLICY DESCRIPTION: Physicians and Appropriate Access Physicians Office Staff PAGE: 1 of 2 REPLACES POLICY DATED: 02-25-98 APPROVED: June 3, 1998 RETIRED: EFFECTIVE DATE: June 10, 1998 REFERENCE NUMBER: IS.AA.010

SCOPE: Physicians and physician personnel users of CPCS (excluding hospital-based physicians).

PURPOSE: To describe the required activities for assigning CPCS access to physicians and their office personnel. ______POLICY: Physicians requesting access to CPCS must be designated in the MIS user dictionary by one mnemonic, representing the one individual physician of request. Physicians must only be represented in this dictionary under one mnemonic.

All physicians, except hospital-based physicians, must be restricted to a specific group for access to only those patients associated with the group. A group is defined as an entity of practitioners with financial interdependence. The group restriction must always be restricted to the smallest possible coverage number. If no financial relationship exists, both parties must complete an agreement to allow for cross-coverage and access to each others’ patient information.

Physician office personnel may be granted access to CPCS upon request by the employing physician. Office staff must always be restricted to only the assigned patients of the physician or group by which they are employed, or where a cross coverage agreement has been established.

All physicians and office personnel are required to sign an Information Security Agreement and must receive training on the portions of CPCS they are given access to, and show evidence of this training.

Access to physician office personnel will be categorized by their clinical or administrative duties to ensure that access to only the appropriate types of patient information is granted.

PROCEDURE: Physicians: 1. Provider Fields on page 3 of the CPCS User dictionary must be completed with the physician mnemonic from the Provider dictionary in MIS. 2. Provider Group Field on page 3 of the CPCS User dictionary must be completed with a physician group mnemonic from the Provider Group dictionary in MIS when a group is established.

Physician Office Staff 1. The Provider Field on page 3 of the MIS User dictionary must be completed with the provider mnemonic of the physician for whom they work.

DEPARTMENT: Information Systems - POLICY DESCRIPTION: Physicians and Appropriate Access Physicians Office Staff PAGE: 2 of 2 REPLACES POLICY DATED: 02-25-98 APPROVED: June 3, 1998 RETIRED: EFFECTIVE DATE: June 10, 1998 REFERENCE NUMBER: IS.AA.010

1. The Provider Group Field must be completed for the group with whom the physician is associated. 1. The “Assigned Patient Only” Field on page 3 of the MIS User dictionary must always be assigned “Y” for office personnel. ______REFERENCES: Information Security Policy, IS.AA.013 CPCS Appropriate Access Guidelines, Section 5

Load more

  2

Copy Link