LABONLINE WEB PORTAL

ELECTRONIC TEST ORDERING AND REPORTING (“ETOR”)

USER SECURITY AND CONFIDENITALITY AGREEMENT

Laboratory information provided through ETOR Systems may contain Private Health and Personal Identifying Information (PHI/PII). This information may be subject to protection under the law, including the Health Insurance Portability and Accountability Act of 1996, as amended (“HIPAA”). KDHE shall grant access to the ETOR systems through web portals for information and data exchange to only authorized users. By using ETOR systems, the user named below affirms that he/she/they and/or his/her/their organization is accessing this data for purposes authorized by, and in compliance with, state and federal law and in accordance with the terms below.

By using ETOR systems, I agree to abide by the following terms:

1. Acknowledge and agree to all terms of the ETOR Systems Terms of Service, incorporated herein by reference, and to comply with my organization’s protocol required for handling personally identifiable health information for clients.

2. Participate and provide necessary data in a timely and accurate manner.

3. Handle confidential, identifying data and information of individuals whose records and/or information are contained in the ETOR systems in a confidential manner.

4. Not knowingly enter invalid/false data, falsify any document or data obtained through any ETOR system.

5. Use ETOR systems to access information and generate documentation only as required by my employer.

6. Use only the login credentials authorized and provided by KDHE to your institution or to you as an individual user, carefully and deliberately safeguard the username and password which provides access to ETOR systems, and not permit the use of that username and password by any other person unless expressly authorized by the KDHE staff.

7. Not make any attempt to authenticate another user’s login and password.

8. Not furnish identifiable information or documentation obtained from ETOR systems to individuals or other entities that are not authorized by statute or proper written consent to receive such information or records.

9. Promptly report to KDHE knowledge of any unauthorized access to any PHI/PII or test results inconsistent with your organizational expectations.

10. Not attempt to copy the database or software used to access the ETOR systems database without written consent from KDHE.

11. Not perform any operation that may result in a breach of security or disable the web portals.

12. Promptly report to KDHE staff any threat to or violation of the ETOR Systems Security and Confidentiality Agreement.

13. Allow the KDHE staff and the assigned agents to audit my ETOR systems transactions to ensure compliance with the ETOR Systems Security and Confidentiality Agreement.

I have read, understand, and agree to abide by the ETOR Systems Security and Confidentiality Agreement. I understand that, if I violate security or confidentiality requirements, my access to ETOR systems can be terminated, and I may be subject to penalties imposed by law.