In This Section      
 

Confidentiality and Privacy

Respect Employee Privacy

Honor the privacy rights of Johns Hopkins employees by seeking their permission before you write about or display materials related to internal activities or operations that might be considered to be a breach of privacy and confidentiality.

Respect Patient Privacy

Honor the privacy rights of current and former patients by obtaining a HIPAA compliant authorization in writing before you write about or display information that might be considered to be a breach of privacy and confidentiality. If in doubt, do not disclose the information. Refer to the confidentiality statements and HIPAA policy templates (http://intranet.insidehopkinsmedicine.org/privacy_office/) for more information.

Example of a Privacy Breach:
An employee posts on her personal Facebook page her concern for a patient she has been caring for. The post does not include the patient’s name, history number or date of birth, but it does mention the type of service being performed or an unusual situation (the “largest mass” she has seen removed, for example, or that the patient is extremely obese). These details paired with the date of the event and the type of service being performed does make it possible to identify the patient.