Section Three: Integrity in Our Actions

PRIVACY/CONFIDENTIALITY

We use confidential information—information that should remain private, whether medical, staff-related, business, financial, or personal—only as needed to do our jobs. We respect and maintain the confidentiality of patients’ protected health information.

Protected health information is any health information that could identify a particular person. The person could be living or deceased. The information could be about the past, present, or future health of a person. The information could be written on paper, displayed or stored in computers, or it could be spoken. Examples include patient charts, reports, x-rays, billing systems, nursing notes, and conversations about patients.

• To protect the confidentiality of patient information, we strictly follow our privacy and security policies and procedures.
• We access only the information that we need to perform our work.
• We do not share information with others unless there is a legitimate need for others to know the information in order to perform their work.
• We do not access colleagues’, friends’, or family members’ patient information without appropriate authorization or when it is not part of our job responsibility.
• Because so much of our information is generated and contained within our computer systems, we protect our computer systems and the information contained in them by creating a strong password, not sharing passwords, and by adhering to our information security policies and procedures.

We also take steps to maintain the confidentiality of:

• Information about personnel actions
• Private financial, pricing, and cost information not of public record
• Information regarding intellectual property (such as inventions) of the organization that is not intended for public disclosure and similar information of other entities that is shared with the organization on a confidential basis
• Computer software programs
• Service provider, vendor, or contractor information

We do not discuss sensitive topics involving business operations with any competitors, service providers, vendors, or other contractors without the approval of the appropriate supervisor. We also do not obtain confidential information about competitors through improper means.

When we have questions or wish to report concerns regarding confidentiality, we contact a Facility Privacy or Security Director.

For more details, see the DUHS Breach of Patient/Human Subject Confidentiality/Privacy Policy and Procedure at staff.dukehealth.org.

PRIVACY AND SECURITY TIPS

Protecting Spoken Information

• Around patient rooms
  • Knock first and ask to enter.
  • Close doors or curtains when talking about treatments or doing procedures.
  • Speak softly in semi-private rooms.
  • Ask permission before speaking about a patient’s care in front of visitors.
• Don’t discuss patient information in waiting rooms, the cafeteria, and other public areas.
• Direct visitors to the information desk.
• Don’t leave messages about patient conditions on answering machines.

Protecting Information on Paper

• Find the owner of “lost” papers.
• Shred information no longer needed.
• Don’t leave papers unattended.

Protecting Information on Computers

• Keep computer screens pointed away from the public.
• Log off workstations when leaving your work area.
• Keep usernames, identifications (IDs), and passwords secure.
• Report computer viruses.
• Password protect handheld devices and laptops.

MARKETING

We use many forms of communication to provide and receive information between our co-workers, those whom we serve, those with whom we conduct business, and the public. Communication may occur verbally or through written documents, electronic mail (e-mail), facsimile (fax), voice mail, by computer, audio and video recordings, and marketing.

• We make sure we use all forms of communication appropriately.
• We release information to the media, public, and courts only through the appropriate channels in accordance with the DUHS Policy: Media Inquiries (staff.dukehealth.org).
• We present all communication regarding our services, including marketing and advertising, in a truthful and informative manner that provides a fair representation of services and care provided.

CONFLICT OF INTEREST AND/OR COMMITMENT

Staff are expected to always perform their work for the benefit of Duke and its patients, students, and customers. Duke defines “Conflict of Interest” and “Conflict of Commitment” as follows:

• Conflict of Interest: A “Conflict of Interest” exists when a staff member has a relationship with an outside organization that can potentially bias the staff member in such a way that they (or a member of their immediate family) could potentially stand ultimately to benefit financially by his or her relationship to that outside organization.
• Conflict of Commitment: A “Conflict of Commitment” exists when a staff member (or a relative of a staff member) has a relationship with an outside organization that may potentially bias or influence the staff member in making decisions in his or her capacity as a Duke employee. Any relationship with an outside organization that requires frequent and/or prolonged absence from Duke may represent a Conflict of Commitment.
• In our business relationships with consultants, service providers, suppliers, vendors, and other contractors, we base all of our decisions on quality of services and products, competitive pricing, and organizational policy— not on personal relationships or personal benefit.
• We do not offer, solicit, or accept any gifts or gratuities that may influence or appear to influence our objectivity in performing our work.  Please review the DUHS Gifts and Courtesies policy.  Supervisors should consult with a Facility Compliance Officer, the DUHS, PDC, or SOM/SON Compliance Officer for questions they may have about gifts.  See the DUHS (staff.dukehealth.org) and SOM/SON (medschool.duke.edu) Conflict of Interest policies.

See the DUHS (staff.dukehealth.org) and SOM/SON (medschool.duke.edu) Conflict of Interest policies. DUHS Gifts and Courtesies Policy (staff.dukehealth.org)

POLITICAL ACTIVITY AND CONTRIBUTIONS

Employees are encouraged to vote and take part in the political process. However, the use of DUHS, PDC, or SOM/SON property or funds to support a political cause, party, or candidate for public office is prohibited.

We do not use Duke Medicine assets, such as telephones, copiers, and our work time, to support any political activity.

We clearly indicate that the political views we express as individuals are our own.

GOVERNMENT INVESTIGATIONS

We fully comply with the law and cooperate with any appropriate request by a government agency for information. Any non-routine inquiry, civil investigative demand, subpoena, or request of another agency regarding DUHS, PDC, SOM/SON or any facility, division, or person associated with DUHS, PDC, and SOM/ SON should be reported immediately to the DUHS, PDC, or SOM/SON Compliance Officer, a DUHS Facility Compliance Officer, or the administrator on call. This notification will ensure that the appropriate individuals, including the Office of Counsel, are made aware of the request and can properly respond to it, and that all patient privacy rights are maintained.

See DUHS (staff.dukehealth.org) and PDC (pdcchannel.mc.duke.edu/pdc) policies on Search Warrant, Subpoena, and Civil Investigative Demand and Visits by Investigators or Auditors.