The Corporate Ethics and Compliance Department oversees implementation of and adherence to:
- Corporate Ethics and Compliance Code (Download)
- Health Insurance Portability and Accountability Act (HIPAA)
These provide guidance to employees and set forth ethical and legal standards. Sonal J. Shah is the Vice President, Chief Compliance and Privacy Officer of Hartford HealthCare.
Back to Top
Ethics and Compliance Program Involves:
Download the Corporate Compliance Code
- Articulating standards of compliance and ethical conduct through a Code of Conduct, Corporate Ethics and Compliance Code, HIPAA and a series of company Policies and Procedures.
- Creating awareness of these standards among everyone in the company through high-quality ethics and compliance training and other ongoing communication efforts.
- Providing means to report exceptions (i.e., possible misconduct). The Corporate Ethics and Compliance Lines allow anyone to anonymously report a violation of our Code of Conduct, Corporate Ethics and Compliance Code, the Health Insurance Portability and Accountability Act (HIPAA), Safety or Policies and Procedures.
- Monitoring and auditing performance in areas of compliance risk to ensure that established policies and procedures are being followed and are effective.
Back to Top
The Hospital of Central Connecticut maintains an Ethics and Compliance Line anyone may call to obtain guidance on an ethics or compliance issue or report concerns:
Toll Free and Anonymous: 1.855.HHC.OCAP
Report Online: www.HHC.OCAPComplianceLine.com
The Hospital of Central Connecticut makes every effort to maintain, within the limits of the law and within the bounds of an appropriate investigation, the confidentiality of the identity of any individual who uses the Corporate Ethics and Compliance Line. There will be no retribution or discipline for anyone who reports a possible violation in good faith.
Back to Top
The federal Deficit Reduction Act of 2005 requires us to provide our vendors with information regarding the False Claims Act as well as our policies and procedures for detecting and preventing fraud and abuse.
False Claims Act
View the PDF below to view/download the policy related to vendors, entitled "DRA - The False Claims Act and Prevention of Fraud, Waste and Abuse". By continuing to provide services for us, our medical staff and patients, you are acknowledging these policies and your agreement to comply with them.
Download DRA False Claim Act Policy
Back to Top
Health Insurance Portability and Accountability Act
The 1996 Health Insurance Portability and Accountability Act (HIPAA) mandated that the Department of Health and Human Services issue privacy standards. The regulations seek to protect the security and privacy of medical records and personally identifiable health information used or shared in any form, whether on paper, electronically or orally, by the hospital entity and/or their business associates.
HIPAA allows us to share patient information for treatment, payment or hospital entity operations (TPO). Operations or business activities of the hospital entity may include quality improvement, training and auditing.
Protected Health Information
Protected health information (PHI) includes the patient's name, address, employer, relatives' names, date of birth, telephone/fax number, e-mail address, Social Security number, medical record number, account number, voiceprint, fingerprint, photo and/or codes as well as any other characteristics, such as occupation, which may identify the individual.
Our patients receive a Notice of Privacy Practices Brochure, available in English, Spanish and Polish, that describes how medical information may be used and disclosed by the hospital entity. Patients must sign that they received the brochure. Patients have the right to access their medical records and are provided with instructions on how access their medical record; request to amend information in their record; and request an accounting of where their PHI has been disclosed.
Any information related to a patient's health cannot be used unless authorized by the patient or someone acting on the patient's behalf, or permitted by the regulations. The hospital entity must limit access to only those employees and individuals who need the information for a legitimate purpose.
HIPAA regulations affect information every hospital employee deals with. Maintaining the security of private medical information is everyone's responsibility. No matter what the employee's position is, he or she is responsible for keeping patient information confidential and can help identify areas for improvement.
Back to Top
Principles of Corporate Compliance
The Hospital of Central Connecticut will strive to ensure all activities by or on behalf of the organization are in compliance with laws.
Employees will accurately and honestly represent The Hospital of Central Connecticut.
The Hospital of Central Connecticut will not engage in any activity or scheme intended to defraud anyone of money, property or honest services.
The Hospital of Central Connecticut's employees shall strive to maintain the privacy of patient and other information in accordance with applicable legal and ethical standards.
Conflict of Interest
Directors, officers, committee members and key employees may not use their positions to profit personally or to assist others in profiting in any way at the expense of the organization.
Business transactions with vendors, contractors and other third parties shall be completed without offers or requests of gifts and favors or other improper incentives in exchange for influence or assistance in a transaction.
Protection of Assets
All employees will strive to preserve and protect the organization's assets by making careful and effective use of The Hospital of Central Connecticut's resources.
All employees will properly and accurately report its financial condition.
Back to Top