HIPAA IT Security tips
Do you know who your privacy and security officers are? Executives, have you named these individuals? Associates and colleagues, do you know who your Privacy Officer and Information Security Officer are? To comply with the HIPAA Security Final Rule, each Covered Entity and Business Associate must identify a “security official” responsible for developing and implementing […]
Transporting Medical Records Occasionally, medical and other sensitive records must be transported from one location to another, such as when moving to a new office, closing a location, etc. Appropriate steps must be taken to safeguard these records, whether electronic or paper. Medical records should never be taken from secure medical records areas without proper […]
Dangers of Instant Messaging Instant Messaging (IM) is inherently insecure. IM providers maintain and control user messages, logs and connection information on their servers. Although providers offer some degree of encryption, there have been instances of IM user logs being captured and used for unethical or criminal purposes. IM is subject to “eavesdropping” and hackers […]
Use of Public Wireless Access Points The risk is especially high at coffee shops, hotels, airports and other places with a high turnover of laptop users. Many malicious individuals set up laptops to act as wireless access points with legitimate-sounding names such as “T-Mobile”, “Free Wireless Access”, or “Hilton” etc. Wireless access for your laptop […]
Email Tips The company-provided email is intended for business use. State the information in emails in a professional manner. Each email represents. Use spell-check and grammar-check. Prepare and send email responsibly; be aware of the reader’s perception and interpretation. Double check the accuracy of the intended recipient’s email address. When sending sensitive information outside of […]
Cloud Storage of PHI Web-based products such as Gmail, Google Docs and Dropbox should not be used to transmit or store a patient’s protected health information (PHI). These products do not have the proper encryption and other security measures necessary to be considered secure under the HIPAA regulations. Using these products to transmit or store […]
Accessing Your Own Medical Records Workforce members are not permitted to use the electronic health record application or other electronic systems to access their own health care information or the health care information of their friends or families. To access your health information, just like any patient, complete the Authorization for Release of Information form […]
Lock Your Mobile Device When not in Use You work on important documents, and we want to make sure the data stays safe and secure. Always lock your mobile device when you’re not using it. Do not leave these devices unattended. Locking these devices keeps your data and contacts safe from prying eyes!
Emergency Preparedness We always need to be prepared for an emergency, regardless of the season. To prepare, here is key information: Disaster Preparedness Coordinator name & contact information Emergency Mode Operation Plan Coordinator name & contact information Evacuation Plans are posted Emergency Plans and Call Trees are on the intranet The number to call if you […]
HIPAA Policies and Procedures Every Covered Entity and Business Associate should have a comprehensive set of HIPAA Security Rule and Privacy Rule policies and procedures. You probably learned about these at new employee orientation, during annual refresher training and when there were any changes to policies and procedures. Some ways that Policies and Procedures are made available […]
