1 / 21

Best Practices for Securely Handling Patient Information (PHI)

Safeguarding patient information (PHI) is crucial in healthcare. This guide provides essential practices for encrypting, shredding, and protecting PHI. Always use "phi" in the subject line of emails containing sensitive information and check with IT to ensure devices and storage are encrypted. Be cautious with email forwarding and ensure that electronic media is cleared or destroyed properly. Secure messaging systems and proper faxing protocols are also outlined to minimize risks of unauthorized access. Follow these steps to maintain compliance and protect patient privacy.

lulu
Télécharger la présentation

Best Practices for Securely Handling Patient Information (PHI)

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Encrypt, Shred, Protect (ESP) 9/14/2011

  2. Encrypt it! • Always put “phi” in the subject line of e-mails that contain patient information • Check with your IT support team to ensure that your laptop is encrypted (or any device with PHI) • Work with your IT support team to encrypt your jump drives or other storage device 9/14/2011

  3. Quiz on e-mailing PHI • For each of the e-mails in the following slides, indicate whether it should be sent 9/14/2011

  4. E-mail #1 – is this OK? 9/14/2011

  5. E-mail #1 – NO! 9/14/2011

  6. E-mail #2 – is this OK? 9/14/2011

  7. E-mail #2 – NO! 9/14/2011

  8. E-mail #3 – is this OK? 9/14/2011

  9. E-mail #3 – NO! 9/14/2011

  10. E-mail #4 – is this OK? 9/14/2011

  11. E-mail #4 – Yes! 9/14/2011

  12. E-mail #5 – is this OK? 9/14/2011

  13. E-mail #5 – NO! 9/14/2011

  14. Receiving outside e-mail securely • Can patients or business associates outside the University initiate secure messages to me? • Yes, third parties may send secure messages to all @utah.edu addresses after first registering with the Cisco Registered Envelope Service (CRES). In order to register, the third party must have first received a secure e-mail from a University associate. 9/14/2011

  15. E-mail #6 – is this OK? 9/14/2011

  16. E-mail #6 – Questionable • Better to use your UMail account 9/14/2011

  17. Beware e-mail forwarding • If you set your e-mail to auto-forward, you may inadvertently forward PHI without encrypting it • Others may auto-forward e-mail you send, so be sure to add “phi” to subject line even if sent internally 9/14/2011

  18. Reference • Instructions on how to send PHI securely can be found here: • http://www.secureit.utah.edu/training/securemail/index.html 9/14/2011

  19. Shred it! • Paper, film, or other hard copy must be shredded or destroyed at end-of-life • Electronic media containing PHI must be cleared, purged, or destroyed • Redaction of paper records is not an approved method of rendering PHI unusable 9/14/2011

  20. Protect it! • Curb your curiosity • Double-check all mailings • Use the applications portal (Citrix) • Secure all FAX machines • Use secure paging systems • Protect PHI at all times from unauthorized use 9/14/2011

  21. Faxing • Use “10 digit dialing” • Remember to include “9” for outside numbers • e.g. 9-1-801-5XX-XXXX • Double-check your number before sending 9/14/2011

More Related