BOX 5.4 A Sample Access and Confidentiality Agreement (Physician)

As a physician with privileges at (HEALTHCARE ENTITY) (hereinafter referred to as "Physician"), you may have access to what this agreement refers to as "confidential information." The purpose of this agreement is to help you understand your duty regarding confidential information.

Confidential information includes patient/member information, employee information, financial information, other information relating to (HEALTHCARE ENTITY) and information proprietary to other companies or persons. You may learn of or have access to some or all of this confidential information through a computer system or through your professional care to patient/members.

Confidential information is valuable and sensitive and is protected by law and by strict (HEALTHCARE ENTITY) policies. The intent of these laws and policies is to assure that confidential information will remain confidential—that is, that it will be used only as necessary to accomplish the organization's mission.

As a physician with access to confidential information, you are required to conduct yourself in strict conformance to applicable laws and (HEALTHCARE ENTITY) policies governing confidential information. Your principal obligations in this area are explained below. You are required to read and to abide by these duties. The violation of any of these duties will subject you to discipline, which might include, but is not limited to loss of privileges to access confidential information, loss of privileges at (HEALTHCARE ENTITY), and to legal liability.

As a physician, you must understand that you will have access to confidential information which may include, but is not limited to, information relating to:

  • Patient/members (such as records, conversations, admittance information, patient/member financial information, etc.),
  • Employees (such as salaries, employment records, disciplinary actions, etc.),
  • (HEALTHCARE ENTITY) information (such as financial and statistical records, strategic plans, internal reports, memos, contracts, peer review information, communications, proprietary computer programs, source code, proprietary technology, etc.),


  • Third party information (such as computer programs, client and vendor proprietary information, source code, proprietary technology, etc.).

Accordingly, as a condition of and in consideration of your access to confidential information, you promise that:

  1. You will use confidential information only as needed to perform your legitimate duties as a physician of patient/members affiliated with (HEALTHCARE ENTITY).

    This means, among other things, that:

    • You will only access confidential information for which you have a need to know;
    • You will not in any way divulge, copy, release, sell, loan, review, alter or destroy any confidential information except as properly authorized within the scope of your professional activities as a physician of patient/members affiliated with (HEALTH CARE ENTITY); and
    • You will not misuse confidential information or carelessly care for confidential information.

The National Academies | 500 Fifth St. N.W. | Washington, D.C. 20001
Copyright © National Academy of Sciences. All rights reserved.
Terms of Use and Privacy Statement