Workforce Confidentiality Agreement and Regulatory Compliance Statement I, _______________________________________, have read and understand the Privacy and Confidentiality Policy and Information Security and HIPAA Security Policy of Primaris, for the protection of the privacy of individually identifiable health information (or protected health information (PHI), as mandated by the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act (HITECH) and for the protection of Quality Improvement Organization (QIO) information, as mandated by Part B of Title XI of the Social Security Act and regulations found at 42 CF.R. Part 480. In addition, I acknowledge that I have received training in Primaris’ policies concerning PHI and QIO information use, disclosure, storage and destruction as required by HIPAA, HITECH and the Social Security Act. I understand that it is the policy of Primaris that any patient, physician, hospital, healthcare provider, financial, employee, payroll and related information is strictly confidential and/or proprietary information. Access to and disclosure of such information is limited by federal and state law and internal policies. Failure to observe confidentiality policies and procedures may result in termination of the workforce member’s and/or consultant’s relationship with Primaris. Violations of the confidentiality provisions of the QIO contract are subject to penalty, upon conviction, of a fine of up to $1,000 and imprisonment of up to six months, or both and costs of prosecution. I understand that, in the course of my work, I may come into contact with information which is confidential under federal and state law or which is considered confidential and/or proprietary by Primaris, including but not limited to patient medical information, other information considered personal by patients and their family, healthcare provider information, financial information, and employee and payroll information. In consideration of my employment or compensation by Primaris, I agree to keep confidential all such information, whether verbal, written or computerized, which I come into contact with in the course of my work for Primaris. I will not discuss patient, provider or organizational information with anyone who does not have a business need to know. In addition, I will not discuss patient, provider or organizational information in public areas (such as the lobby, elevators and break room). I will not access or attempt to access any information unless the information is relevant to my job and I am clearly authorized to access it. I understand that the logon ID, computer password, access card, time sheet login and other credentials (hereinafter ‘credentials’) assigned to me by Primaris are to be used solely by me in connection with my authorized access to information. I understand that use of my credentials by anyone other than myself is strictly prohibited. I will not share my credentials with anyone and I will take all necessary steps to protect the confidentiality of my credentials. I understand electronic mail is Primaris’ or government property and subject to organizational review and should be used primarily for business purposes. I also understand and certify that the use of my electronic or digital signature to authenticate documents is the equivalent of my handwritten signature on the documents. I understand that it is my responsibility to read and to abide by any and all policies and procedures regarding the use and distribution of information owned or accessed by Primaris currently in effect or which may be implemented or revised from time to time. I understand that information access will be monitored and any violation of Primaris’ policies and procedures will be reported to the appropriate individual(s) and may result in disciplinary action against me including termination of employment or other affiliation(s) with Primaris, as well as prosecution to the fullest extent of the law. I will not store any confidential or proprietary information on personal media devices (such as CDs or flash drives) or in personal email accounts. Upon my separation, termination or nonaffiliation with Primaris all computer hardware, cell phone and access cards will be returned to Primaris. I understand that these obligations will survive the termination of my employment or end of my association with Primaris, regardless of the reason for such termination. CONFLICT OF INTEREST I will not participate in the review of any case where a conflict of interest exists relating to either a practitioner or provider. Examples include: review of own cases, review of practice partners, review of family members, review of close competitors, review of facilities owned by reviewer or family members, and review of hospital(s) where physician reviewer has staff privileges. I will not engage in outside employment without prior written approval of my immediate supervisor, department director, and the Chief Executive Officer. REPORTING CHILD AND ELDER ABUSE AND NEGLECT I will report suspected child and elder abuse as required under, and in the manner prescribed in Chapter 210 RSMO on child abuse, and Chapters 198 RSMO, 660 RSMO and 565 RSMO on elder abuse. I HAVE READ THE ABOVE WORKFORCE CONFIDENTIALITY AGREEMENT AND REGULATORY COMPLIANCE STATEMENT AND I AGREE TO COMPLY FULLY WITH ITS TERMS. __ Signature Printed Name Date: