Episode 7: Know The Rules! Trick or Treat for PHI


How to Keep Your Health Information Private and Secure

There are laws that protect the privacy of your health information held by those who provide health care services. But as it becomes easier to get and share your own health information online, you need to take steps to protect it.

Does HIPAA Protect All Health Information?

No!

The Health Insurance Portability and Accountability Act (HIPAA) Privacy and Security Rules are federal laws that set national standards for protecting the privacy and security of health information. Health information that is kept by health care providers, health plans and organizations acting on their behalf is protected by these federal laws.

However, you should know that there are many organizations that do not have to follow these laws. For example, these laws do not cover health information that you:

  1. Store in a mobile app or on a mobile device, such as a smartphone or tablet.
  2. Share over social media websites or health-related online communities, such as message boards.
  3. Store in a personal health record (PHR) that is not offered through a health provider or health plan covered by HIPAA.

Keep Your Electronic Health Information Secure

There are a number of ways you can help protect your electronic health information. Here are some tips to ensure your personal health information is private and secure when accessing it electronically:

When Using Social Media

Think carefully before you post anything on the Internet that you don’t want to be made public – do not assume that an online public forum is private or secure.

If you decide to post health information on a social media platform, consider using the privacy settings to limit others’ access.

Be aware that information posted on the web may remain there permanently.

When Using Mobile Devices

Research mobile apps – software programs that perform one or more specific functions – before you download and install any of them. Be sure to use known app websites or trusted sources.

Read the terms of service and the privacy notice of the mobile app to verify that the app will perform only the functions you approve.

Consider installing or using encryption software for your device. Encryption software is now widely available and increasingly affordable.

Install and activate remote wiping and/or remote disabling on your mobile devices. The remote wipe feature allows you to permanently delete data stored on a lost or stolen mobile device. Remote disabling enables you to lock data stored on a lost or stolen mobile device, and unlock the data if the device is recovered.