Get Sop P-102: Incident And Investigation - Patient Privacy - Privacy Utah

This guide provides comprehensive instructions for completing the SOP P-102: Incident And Investigation - Patient Privacy - Privacy Utah online. It aims to support users in accurately filling out the necessary fields to ensure proper documentation of incidents involving patient privacy.

Follow the steps to successfully complete the form.

1. Click ‘Get Form’ button to obtain the form and open it in the online editor.
2. Begin with Section A: Complainant/Reporter Information. Fill in the first name, middle initial, last name, title or organization if applicable, street address, city, state, ZIP code, telephone, and email address of the person reporting the incident.
3. Move to Section B: Specific Incident Information. Here, input the name of the university unit involved (if known), any unit contact persons, and the name of the individual whose privacy rights may have been compromised (if applicable). Select the nature of the perceived violation from the provided options.
4. In Section C: Description of Incident, write a detailed description of the incident based on your observations and reports. Be clear and concise.
5. Proceed to Section D: Investigation. Document the date the incident occurred, the date it was reported, the number of people impacted, and record the name of the Information Security and Privacy Office (ISPO) incident manager. Include the Archer ticket number if applicable, and indicate if it involves a business associate.
6. Section E: Violation Analysis requires you to determine if the incident was a violation of any policy or law. Clearly explain your reasoning and document your findings.
7. In Section F: Safeguards In Place at the Time of the Incident, list the safeguards that were in place before the incident occurred.
8. Skip to Section G: Breach Analysis and complete the relevant checkboxes and document your decision-making process regarding the need for notifications.
9. For Section H: Risk Assessment, evaluate whether the disclosure poses significant risks and document your assessment results.
10. Proceed to Section I: Breach Management Process and utilize the approved breach notification template as instructed. Document the number of people sent notification letters and manage any returns from those letters.
11. In Section J: Corrective Action, provide details on the corrective action plan including responsible parties and deadlines.
12. Section K: Mitigation requires you to document your mitigation strategies and responsible staff.
13. Continue to Sections L through N to complete corrective/disciplinary actions, accounting of disclosures, and closing the incident.
14. Once all sections are completed, save your changes, download, print, or share the form as necessary.

Complete your documents online today to ensure timely and effective incident management.