Privacy & Security Policy
(last updated 7/3/03)
webINR is wholly owned and run by Abington Memorial Hospital. webINR is a web based warfarin management program that is provided to the medical community in a model known as an “Application Service Provider” which requires the entry and storage of clinical data on our server(s). Abington Memorial Hospital, is committed to maintaining the privacy and security of the information regarding clinicians and patients that is recorded and stored in the database. At no time will IDENTIFIABLE patient or clinician data be sold or given to third parties for any use. Aggregate NONIDENTIFIABLE clinical data may be used for clinical study, improvement in decision support or business decisions.
Employees and Officers of Abington Memorial Hospital are required to keep customer information private, as a condition of their employment with the company. All Abington Memorial Hospital Officers and Employees are required to sign a confidentiality statement that in the current version reads:
"I am aware of the Health Insurance Portability and Accountability Act of 1996, Public Law 104-191 ("HIPAA") and regulations promulgated thereunder by the U.S. Department of Health and Human Services (the "HIPAA Regulations"). In this Act and Regulations, I understand and agree that patient Protected Health Information (PHI) is to remain in strict confidence. In the course of employment, should I encounter PHI, I shall not use PHI for purposes outside of the stated business purposes of Abington Memorial Hospital as required in contracts with Health Care Providers or Institutions. Furthermore, patient identifiable information will not be released to third parties except if required by law as outlined in the HIPAA Act and Regulations. If in the course of business, I become aware of violations in maintaining PHI confidentiality, I agree to report this breach of maintaining PHI immediately (less than 24 hours) to an Officer of Abington Memorial Hospital. I understand that breach of maintaining the confidentiality of PHI serves as potential grounds for termination of employment and potential legal proceedings. This agreement to maintain PHI survives my termination from a position of employment at Abington Memorial Hospital."
Abington Memorial Hospital will sign a standard HIPAA Business Associate document as stated in the Lessee Contract and required by the HIPAA Act and Regulations. If required by governing law or Institution, the Lessee is responsible for obtaining patient consent to store PHI on the webINR site.
Abington Memorial Hospital is committed to comply with all current and future standards regarding storage and transmission of confidential patient data as required by Federal HIPAA Regulations.
Security is accomplished by the following methods:
Further Privacy Questions or Security Concerns?
For privacy questions or concerns about webINR, please contact Kathie Hunter, WebINR Support, Abington Memorial Hospital.