Date: January 2007
Philosophy and Purpose: Employees of Bowdoin College are expected to act responsibly and in accordance with state and federal laws when accessing and using confidential information. This policy addresses both confidentiality and privacy practices.
Policy: Many of the College’s records regarding students, employees, parents, donors and friends of the College are considered confidential and may not be accessed by unauthorized personnel or disclosed to others. Other records regarding departmental or College operations or the work of College committees may also be considered confidential. Supervisors may answer more specific questions about what is considered confidential. If employees are at all uncertain, they should speak with their supervisors before releasing any information that may be confidential or sensitive. The College takes such matters very seriously, since its reputation can be damaged and individuals may be harmed by careless or deliberate misuse of confidential information. Violations of confidentiality will subject the offender to disciplinary action, up to and including immediate termination of employment, and in some cases legal action.
Bowdoin College, as the plan sponsor of the Bowdoin College Health Plan, must comply with privacy rules contained in the federal Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) effective April 14, 2004. In compliance with HIPAA, it is the College’s policy to safeguard the confidentiality of Protected Health Information (PHI) and the rights of individuals with respect to and disclosure of PHI. “PHI” is information that is created or received by a health care provider or health plan that relates to your past, present, or future physical or mental health or condition and related health care services, including payment for those services. This applies to your medical and dental plans, medical reimbursement account and the Employee Assistance Program. You have rights with respect to PHI maintained by the Plan. To exercise those rights, you may submit a written request to the HIPAA Privacy Official, who is the Director of Human Resources.