HCBS Mobile Device Agreement

Home Community Based Services Provider, Inc. (‘Organization’) has permitted me to use a personally owned smartphone or other mobile device (‘Mobile Device’) for work-related activities on the condition that I comply with the terms of this Agreement as well as the applicable organization policies and procedures, including without limitation its policy regarding confidentiality of protected health information (‘PHI’) under HIPAA. I understand and agree that the Organization shall have the right to revoke authorization for any Mobile Devices to use or access the Organization networks and data, without limitation to patient data, at is discretion. Upon termination of my engagement with HCBS Provider, Inc., my access to PHI within the HCBS Provider Network will be revoked and I will cooperate fully with the Organization to assure that all ability to access the Organization’s network and patient data through any Mobile Device used by me is eliminated.

I understand my obligations to comply with HIPAA and to strictly maintain patient confidentiality. I will not download or transfer sensitive business data to my personal devices. Sensitive business data is defined as documents (i.e., ISPs, behavior plans, etc.) or data whose loss, misuse, or unauthorized access can adversely affect the privacy or welfare of an individual including protected health information (‘PHI’), or personally identifiable information (‘PII’). I further agree that I will not use any Mobile Device or other means in my control, such as a personally controlled laptop or desktop to store or file any sensitive business data, protected health information or personally identifiable information to any other means of storage, including without limitation any hard drive, flash drive, or “cloud-based” storage facility.

Specifically, I agree to adhere to the following in connection with my use of a BYOB Mobile Device

  1. I will password protect the device with a ‘strong’
  2. I will set the Device to lock itself with a password or PIN if the Device is
  3. I acknowledge that my Mobile Device(s) allows access to HCBS Provider’s network and potentially to client PHI, and I will be mindful of the fact of this ability to access this confidential information if I allow others to use my device.
  4. It is a violation of HCBS Provider Policy to use Mobile Devices to download and store confidential Mobile Devices will be used to access and view data only. The exception to this is for BSCs to complete FBA and PBSP reports. The BSC will store the information securely by password protection.
  5. Any text message from client and/or parent should be deleted once the conversation has ended, information has been recorded/documented and the issue/concern has been resolved. Keep anything related to your client off social Never take pictures or videos of your client. Only use video chat with your client when given permission by their parent/guardian. Use your client’s first name or initials when texting other members of their care team.
  1. If the Device is lost or stolen, I will report it to HCBS Provider as soon as possible after you notice the device is missing; HCBS Provider needs to be made aware of this due to the possibility of a data breach.
  2. Any Client or Organization data found to be on the Mobile Device will be removed in a HIPAA Compliant manner prior to removing the Mobile Device from service.
  3. I understand that all HCBS Provider, related information sent, received, viewed on my Mobile Device is property of the Organization.
  4. In the event of an alleged information compliance issue, or data breach involving my client I agree to cooperate fully with any investigation whether conducted by or on behalf of HCBS Provider, or by any relevant agency including without limitation the Office of Civil Rights of U.S. Department of Health and Human Services. In connection with any investigation with an investigation directly involving myself, I agree to allow authorities to access to my device in response to a subpoena provided for that purpose and further to provide any investigator all information and supporting documentation, such as photos, text messages and email messages as requested by such investigator and further agree to provide copies of all such information and documents to HCBS Provider.
  5. Upon resignation or termination of my contract with HCBS Provider, Inc. I agree to remove in HIPAA Compliant manner all HCBS Provider Client PHI and Organization Business
  6. Any violation of Organization policies and procedures or the terms of this Agreement may lead to discipline up to and including termination of contract.

 

HCBS Provider uses text messages to communicate with our staff on a regular basis.  By signing this document, you are agreeing to opt in for text messaging.  If at any time you decide you would prefer to opt out of text message notifications, please email Sharon@hcbsprovider.com.  If you decide to opt out, you will be required to check your email account on a daily basis to be up to date on any communication from the HCSB Provider Admin Team.  You are also required to update us on any changes to your email address you have provided the HR Director with at the time of signing your contract.

 

Employee Name:

Employee Signature:                                                                                     

Date:

 

2024-2025