Step 3 – The state whose laws govern the agreement must be defined. Step 2 – The date on which the agreement is reached can be given first. The name of the health facility and the name of the employee are also required. The HIPAA Employee Privacy Agreement is a form used to ensure that a staff member of a health organization (or other organization with access to medical documents) keeps the personal information they have access to secret by logging into the organization. The Data Protection Rule of the Health Insurance Portability and Accountability Act of 1996 requires that seized companies that have access to the individual`s protected health information respect the confidentiality of sensitive personal and medical information. As a general rule, the aim is to ensure that medical information remains protected, while allowing the flow of information necessary to provide a maximum level of health care. In addition, the confidentiality agreement limits the employee`s access to health-related information. Step 4 – The date, signature and printed name of the employee are required at the bottom of the form. The HIPAA Patient Authorization Form is an authorization that allows the transmission of a patient`s medical records from one doctor or hospital to another.