What is Cedars-Sinai CareLink?
Cedars-Sinai CareLink is a web-based portal that provides affiliate and community referring providers and vendors access to the charts of Cedars-Sinai patients with whom they have an established clinical relationship.
Cedars-Sinai CareLink user and password support: 310-423-6428; available 24/7
Terms and Conditions
Authorization to access or obtain patient information
Cedars-Sinai workforce members (employees, trainees, medical staff members, volunteers, vendors and contractors) may access or obtain protected health information (PHI) only when performing a required clinical or business activity and only if the PHI accessed or obtained is necessary to perform that activity. Seeking or obtaining PHI out of curiosity, for malicious purposes, or for financial or personal gain is prohibited under Cedars-Sinai policy and under federal and state law.
Cedars-Sinai’s implementation of Cedars-Sinai CareLink further heightens our need to safeguard electronic protected health information and the organization’s policies in relation to privacy, confidentiality and information security.
Physician office/facility staff members may access patient records via Cedars-Sinai CareLink when:
- Performing work related to physician of record for the patient, or
- Conducting treatment or operations-related work, or
- They must do so for billing purposes
Employees and contractors (e.g., billing companies) working for physician offices:
- You may not under any circumstances use physician/medical staff members’ IDs and passwords. If you as an employee or contractor of the physician office have a legitimate business need to access patient records in Cedars-Sinai clinical applications, you may be granted your own user ID and password, provided your need for access can be demonstrated to Cedars-Sinai.
- As a physician office employee or contractor, you may access patient information in Cedars-Sinai clinical applications to assist the physician with treatment or to facilitate billing for the physician’s services, but for no other reason.
- As a physician office employee or contractor, if you fail to appropriately use your access to Cedars-Sinai clinical applications, you may be denied access permanently.
Access and auditing
The Cedars-Sinai CareLink system provides audit reports, which are recorded and monitored by the corporate compliance privacy officer and health information director. System activity is reviewed to determine appropriateness of access. These records are also subject to outside audit by regulatory agencies.
Employees and contractors of physician offices should seek guidance when questions about appropriate access arise. Access to Cedars-Sinai hospital systems is a privilege that relates to one’s job function and role. Access that does not relate to one’s job role or that does not fall under the HIPAA scope of authorized access for treatment, payment or operations on behalf of the covered entity (physician office) may constitute an unauthorized access or privacy breach reportable to state and federal authorities.
Cedars-Sinai owns the hardware, software and data on the servers in the Cedars-Sinai data centers. Consequently, it has the legal and ethical responsibility to implement access controls as well as to define policies and procedures to safeguard protected health information from unauthorized access and disclosure in support of federal and state laws. The hospital has implemented technical, organizational and physical safeguards designed to protect the personal health information that it processes.
Appropriate Cedars-Sinai CareLink access
Maintaining the security and confidentiality of our patients’ health information is paramount within Cedars-Sinai. Established procedures and defined access controls support our goal of securing patient information, which is aligned with security requirements for the Health Insurance Portability and Accountability Act of 1996 (HIPAA) and the Health Information Technology for Economic and Clinical Health Act.
It is paramount that any system logins be used appropriately and in accordance with licensing requirements and Cedars-Sinai security policy and procedures. Responsible access includes seeking management direction and guidance should questions arise about appropriate access. Every Cedars-Sinai CareLink account user has an obligation to comply with these security requirements.
Appropriate access includes:
- Protecting one’s logon ID and password and not sharing it with others
- Signing on to the Cedars-Sinai CareLink system with your own authorized logon ID and logging out of the clinical system when no longer in use to maintain control of the use of your individual logon credentials
- Viewing and accessing patient information for job-related purposes only
- Printing to secure designated printers and not leaving printed patient information unattended
- Notifying the Cedars-Sinai EIS Help Desk (310-423-6428) at any time changes in access become necessary for you or any of your office staff to ensure individual accountability
- Reporting any misuse, known or suspected, of the Cedars-Sinai CareLink system
Thank you for supporting Cedars-Sinai measures to protect the privacy and security of patient information.