Duluth, MN 55812
Phone: (218) 726–7974;
Fax: (218) 726–8693
Privacy and Confidentiality
Protecting Client Privacy is Everyone's Responsibility.
As part of your educational experience in the University of Minnesota Duluth Communication Sciences and Disorders (CSD) program, you may be permitted access to protected health information for educational purposes. You have a personal responsibility to safeguard the privacy and confidentiality of private healht information as required by the University of Minnesota and the ASHA Code of Ethics.
The client-clinician relationship is based on trust. When protecting the confidentiality of a client´s health information, students and clinic instructors are expected to abide by:
You may only access or view private health information or medical records about clients specifically assigned as part of your education. You are not authorized by the University of Minnesota to access, use, disclose, or share private health information in any format for any purpose not directly associated with your educational program at the University.
A student intern or clinical instructor must not reveal to unauthorized persons any private health information obtained from the individual s/he serves professionally without that person´s permission.
Complete the University of Minnesota Privacy Training.
Before having contact with clients, students are required to complete the University of Minnesota Privacy and Data Security on-line training modules.
Initial courses are assigned to students through the Clinic Director. Students complete the on-line courses 1,2,3,and 6. Students then provide a record of completion to the CSD Department.
Subsequent "refresher courses" may assigned through the University of Minnesota Office of Privacy and Security.
Print Client-Related Documents on the Fileroom Computer designated for this purpose.
The Pay-to-Print lab printer is not secure. Do not use it for printing any documents containing Protected Health Information.
No Private Information in Emails.
Email: Email is not considered a secure means of communicating about a client or to a client. It is not acceptable to communicate about a client using private health information in your correspondence to other individuals. This restriction includes banning use of private health information in correspondence with clinic instructors.
At times a client or guardian may wish to use email as a means of information exchange. If that is the case, interns and instructors must notify the client/guardian of the risks of email correspondence, must get permission, and must save all correspondence in the client chart, in accordance with the following University of Minnesota Policy: HIPAA Provider/Patient email Communication Working Procedure. (last update: January 6, 2014).
The client should be presented with the Guidelines and Consent for Email Correspondence. The signed form should be submitted to the clinic office for filing BEFORE email correspondence commences. Interns should talk with their instructors before any email correspondence occurs.
De-identification of clinic documents for assignments.
Before you can use a client document in CSD courses please clear any Protected Health Information (PHI) from your document and submit it to your ciinic instructor for review.
You are responsible for following the federal laws regarding protection of private health information. Failure to do so can lead to University of Minnesota sanctions.
Checklist for De-Identifying Health Information:
Report Suspected Breaches of Confidentiality.
You are required by University policy to report any suspected or known breach of privacy to the CSD Clinic Director.
Privacy Procedures for the Robert F. Pierce Speech-Language-Hearing Clinic
The Robert F. Pierce Speech-Language-Hearing Clinic in the Department of Communication Disorders at the University of Minnesota Duluth adheres to privacy guidelines established by the University of Minnesota.
1. Private health information includes:
This information may not be released to unauthorized users in any form (e.g., orally, in written form, or electronically) without a signed formal written consent (Consent to Release Private Data).
2. Authorized access toprivate health information is granted to:
3. Unauthorized access:
B. Implementation Strategies:
1. Every client who attends the RFP Clinic will sign a Release for Clinical Education Purposes at the time of the first visit. This release expires 10 years from the date of signature. Individuals who are not willing to sign this release may not be seen for services in this clinic. Clients may contact the clinical supervisor or the Clinic Director for more information or questions about this policy.
2. All private health information for all clients who attend RFP Clinic will be secured by faculty, staff, and students in the Department of Communication Disorders.
3. Assign and use a clinical code to prevent unauthorized access toprivate health information.
4. Prevent unauthorized access toprivate health information(verbal, written, or electronic) by maintaining case confidentiality.
5. If a privacy is violated, notify the clinic instructor and the director of the RFP Clinic. The CSD Department will work together with the client and the university to remediate any breach as efficiently as possible.
6. Students in the CSD Program will complete privacy training in preparation for completing internships. This training will take the form of on-line courses, class discussions, and assessment. Students will complete the following on-line Privacy Training courses:
University workforce members and student with access to Private Information must complete the University-directed Privacy training as assigned by the University of Minnesota. Assignment of courses to workforce members comes throught the CEHSP Privacy Coordinator in the Dean's Office.