Code of Conduct 2025-01 - Flipbook - Page 15
02 | For Our Patients and Teammates
Data Privacy
We respect and protect the privacy of everyone we work with —
whether it is information about our teammates, or the information
that our patients provide. Every day, regardless of our roles, we
handle sensitive personal information, including Personally
Identifiable Information (PII) and Protected Health Information
(PHI). We must comply with all laws, regulations, and policies that
govern how sensitive information is collected, used, and shared. By
handling personal data with care, we protect patient trust, maintain
compliance, and uphold our commitment to ethical care.
Access patient charts only when necessary. Viewing patient
records without a valid work-related reason is a serious
violation of privacy, company policy, and the law.
How we do the right thing:
Report any concerns about errors, omissions, potential
falsifications of patient records, or any other mishandling of
personal information.
Use data only for the purpose for which it was collected
originally.
Use secure channels for sharing sensitive information (e.g.,
encryption).
Keep personal information private: only access personal
information for legitimate business reasons, and never share it
with unauthorized individuals or discuss it in public places.
Always follow Ivy’s privacy policies and procedures and obtain
signed HIPAA Authorizations if permitted to share patient
information on social media (prior to posting).
Doing the right thing is hidden in the little
actions every day.
For example, caring to preserve patient privacy and
thinking twice before sharing their information verbally or
electronically.”
Understand that respecting our patients’ right to privacy
means we cannot answer questions related to patients from
friends, relatives, or the media without written authorization.
Margarita Derelanko
Senior Director of Compliance, Privacy Officer
Data Privacy
Ivy Rehab | Code of Conduct
13
