Treat Paper Records & Electronic Data Equally
Sensitive information on paper is the same as sensitive information on a computer. Both need to be protected from unauthorized access and should be treated with caution and discretion.
In particular, Protected Health Information (PHI) in all forms (e.g. verbal, fax, paper, electronic) is covered by the HIPAA privacy regulations. Electronic PHI (ePHI) is specifically covered by the HIPAA security regulations.
Sometimes, it may be necessary to print out sensitive electronic information on paper and make copies. Do not leave these copies lying around in open areas within your workspace, as this information may be seen or even taken by unauthorized parties. If you would not want someone to read that information on your computer, you probably would not want them to read the same information on paper.
Keep printouts of sensitive information such as medical records in a secure location, such as a locked desk, locked filing cabinet or a safe. Avoid leaving sensitive documents unattended, especially in high traffic areas.