College of Health Sciences: HIPAA and Patient Privacy

As a student at Rush University, you have a legal and ethical responsibility to safeguard the privacy of all patients and protect confidentiality and security of all health information.  Protecting the confidentiality of patient information means protecting it from unauthorized use or disclosure in any format - verbal, fax, written or electronic/computer.  Patient confidentiality is a central obligation of patient care.  Any breaches in patient confidentiality or privacy may result in disciplinary action, up to and including dismissal from the college.

The laboratory component of some courses may use students as simulated patients.  This is particularly true for the patient evaluation, medicine and patient education components.  Additionally, the sharing of personal experiences can be a rich resource in the development of students understanding, knowledge and appreciation of disease, health care and impact on peoples' lives. 

Practicing the medical history and physical examination places students in close contact and leads to the sharing of personal information and physical findings.  Similarly students may use personal experiences in patient role-playing exercises.

All shared and personal medical information and physical examination findings are to be treated with utmost confidentiality, the same as for any patient contact.  Failure to protect the confidentiality of any information related to the activities in a course or clinical rotation may result in disciplinary action, up to and including suspension or dismissal from the college. For additional information, students should refer to the Rush University HIPAA policy and the Rush University Policy on Privacy and Confidentiality of Student Records and FERPA.