Page 8 - Privacy_Program
P. 8
reported to the Director of Information Technology, Privacy and Data Security
using O:\Forms\General Forms\Alleged Privacy Violations Incidents Report and
Determination Form.doc.
All Employees with DP100.6b If any employee believes that another employee, supervisor, participant,
Access to Privacy‐ volunteer, customer, or business associate has violated the Notice of Privacy
Restricted Data Practices or Privacy and Data Security policies, he or she should report the
suspected incident to his or her supervisor immediately, unless the supervisor
is the violator. If that is the case, it should be reported to the next level of
management (the supervisor’s supervisor) or Human Resources immediately.
It should also be reported to the Director of Information Technology, Privacy
and Data Security using the O:\Forms\General Forms\Alleged Privacy
Violations Incidents Report and Determination Form.doc.
All Employees with DP100.9 Also see GESMN ‐ Privacy Policies 101 ‐ Participant Privacy MGDPRA
Access to PRPI Safeguards.docx
S&P, Finance and Other DP100.10 Also see GESMN ‐ Privacy Policies 102 ‐ Participant Privacy HIPAA PHI
Staff Access to PHI Safeguards.docx.
All Employees DP100.11 Note that effective March 5, 2013, DP‐100 PROGRAM PARTICIPANT PRIVACY
Policy replaces POL‐S&P‐221‐03 PARTICIPANT DATA PRIVACY.
GES CONFIDENTIAL 8
