HIPAA Con dentiality Agreement

THIS AGREEMENT is entered into this {day} day of {month}, {year}, by and between {nameOf}, a
duly registered facility situated in {addressOf:addr_line1}, {addressOf:city}, {addressOf:state},
{addressOf:postal} (hereinafter known as the "Healthcare Facility"),

AND

{nameOf11}, of legal age, and a citizen of {employeeCitizenship}, with primary residence at

{addressOf12:addr_line1}, {addressOf12:city}, {addressOf12:state}, {addressOf12:postal}
(hereinafter known as the “Employee”, and known collectively as the “Parties”); 

WITNESSETH: That

WHEREAS, the Healthcare Facility is duty-bound in ensuring compliance  with the application
of the law by its members and staff with respect to the protection of patient's health records
and other relevant information.

WHEREAS, the undersigned Employee recognizes the responsibility of the Healthcare Facility
in adhering to the mandates of the law and ensuring its employees comply with the standards
required by law in protecting the patient's con dential information.

WHEREAS, the Parties hereto agree to enter into this Agreement  in setting for the terms and
conditions of their legal relationship, as governed by the law on Health Insurance Portability
and Accountability Act of 1996 and updated through HIPAA Omnibus Rule of 2013 and will also
uphold regulations enacted thereunder (hereinafter known as "HIPAA").

NOW, THEREFORE, in consideration of the premises and the covenants contained herein, the
Parties hereto agree as follows:

Purpose

It is the mandate of every healthcare facility to ascertain that its employees and staff to
ensure proper protection and care to the information that they are provided access to. In this
regard, the Parties hereto enter into this agreement to protect the privacy rights, as well as to
protect and preserve the integrity of the patient's personal information under the Healthcare
Facility's care and control.

Con dential Information

The term "Con dential Information" refers to all health information of patients or other
persons, including employees, as acquired by the Healthcare Facility and stored under the care
and control of the Healthcare Facility for further use and for reference. This also
includes medical records, nancial records, including Test results of patients under the care of
the Healthcare Facility. It also includes other sensitive information or information that is used
as incidental to the performance of duties such as passwords, log-in access information to
any device of facilities of the Healthcare Facility, as well as proprietary information including
intellectual property, or any information otherwise declared by the Healthcare Facility as
con dential.

Create your own automated PDFs with JotForm PDF Editor

Disclosure of Con dential Information

Disclosure of Con dential Information can be made in whole or in part, and either in oral
communication whether personal or via the technological medium, or in written form, through
the transfer or distribution of a physical or digital document from any source.

Use of Con dential Information. 

The Parties acknowledge that meaningful employment may or will necessitate disclosure of
Con dential Information by this Healthcare Facility to the Employee and the use of
Con dential Information by the Employee.

Responsibilities of Employee

The undersigned Employee agrees to the following:

1. The Employee may not share nor disclose to any party, that Con dential Information
acquired from the records of the Healthcare Facility, such as patient's records including
but not limited to medical records, nancial records, test results, among others, or
those that may be determined as personal health information, unless otherwise such
disclosure has been consented by the patient who is the owner of the information.
2. The Employee may not disclose nor share any information or medical records received
by said Employee in con dence as disclosed by the patient or from the patient's medical
test results to any third party, without the authority and consent of the patient. Should
the patient be a minor, incompetent, or without the authority, consent of the patient's
parents or legal guardian is required.
3. The undersigned Employee  shall not browse  or read through any of the patient's
con dential records from the Healthcare Facility's database unless such reading or
browsing is incidental to the Employee's performance of duty with the Healthcare
Facility.
4. The undersigned Employee shall not copy, transfer by electronic means or move
physically any of the patient's sensitive and con dential information without the consent
of the Healthcare Facility or the patient who is the owner of such information. Should
any information be transferred or moved, it shall be justi ed and shall inform the patient
of such transfer with the reason thereof and shall be reduced into writing.
5. Destruction, alteration, modi cation of any of the patient's information,  health records,
test results, billing information, and/or personal information shall require the consent of
the Healthcare Facility, by the patient, or as so provided for by law.
6. The undersigned Employee shall not, in any way, change any access information to any
device of or passage to anywhere within the premises of the Healthcare Facility in the
absence of consent from the said Healthcare Facility.
7. Employee shall ensure that any Con dential Information shall not be left unattended and
visible to the public. 
8. In the case of a suspected breach, Employee shall immediately notify his or her direct
supervisor and/or the Healthcare Facility’s HIPAA Privacy O cer.
9. Employee shall not bring any information outside the Healthcare Facility's premises,
whether in a physical hardcopy document form or as stored in a portable device, unless
otherwise authorized by the owner of the Con dential Information or the Healthcare
Facility, for just causes.

Create your own automated PDFs with JotForm PDF Editor

Breach

The Parties hereto fully understand and agree that any person found to have caused any
breach of any of the covenants herein, or by which have caused to result to a violation relating
to the provisions of HIPAA, or in any way fails to exercise the required diligence in the
performance of their duties, resulting to any injury of the person owning the information, shall
be subject to the following penalties, and without prejudice to the right of the injured party to
le legal action:

{penaltiesFor}

Applicable Law

This Agreement shall be governed by the laws of the state of  {stateGoverning}, the HIPAA
Federal and State laws, and other relevant Federal and State privacy laws. The  Parties agree
that any suit arising from this Agreement  may be brought to the court of the state speci ed
herein, the state of residence of Employee, or the primary address of the Healthcare Facility.

Returning Con dential Information

The Employee shall return the Con dential Information in his or her possession, upon request
of the Healthcare Facility and shall not retain any duplicates in hardcopy or softcopy. Any
copies or duplicates that may be found out later unreturned and in his or her possession shall
be destroyed or deleted immediately, except as otherwise permitted by the Healthcare Facility,
which shall be made in writing. All Con dential Information herein this Agreement shall be
considered as the exclusive property of the Healthcare Facility unless otherwise stated by law.

Binding Arrangement

This Agreement shall be binding upon and  inures  the bene t of the Parties hereto, their
successors, assigns, agents, employees, shareholders, representatives, and directors.

Separability Clause

Should any provision herein this Agreement be held invalid by a competent court, such
invalidity shall only affect the said provision and the rest of the provisions that are valid shall
remain enforceable.

Create your own automated PDFs with JotForm PDF Editor

IN WITNESS WHEREOF, the Parties hereto have executed this Agreement on the date above
written.

Create your own automated PDFs with JotForm PDF Editor