210 likes | 336 Views
E ncrypt, S hred, P rotect (ESP). Encrypt it!. Always put “phi” in the subject line of e-mails that contain patient information Check with your IT support team to ensure that your laptop is encrypted (or any device with PHI)
E N D
Encrypt, Shred, Protect (ESP) 9/14/2011
Encrypt it! • Always put “phi” in the subject line of e-mails that contain patient information • Check with your IT support team to ensure that your laptop is encrypted (or any device with PHI) • Work with your IT support team to encrypt your jump drives or other storage device 9/14/2011
Quiz on e-mailing PHI • For each of the e-mails in the following slides, indicate whether it should be sent 9/14/2011
E-mail #1 – is this OK? 9/14/2011
E-mail #1 – NO! 9/14/2011
E-mail #2 – is this OK? 9/14/2011
E-mail #2 – NO! 9/14/2011
E-mail #3 – is this OK? 9/14/2011
E-mail #3 – NO! 9/14/2011
E-mail #4 – is this OK? 9/14/2011
E-mail #4 – Yes! 9/14/2011
E-mail #5 – is this OK? 9/14/2011
E-mail #5 – NO! 9/14/2011
Receiving outside e-mail securely • Can patients or business associates outside the University initiate secure messages to me? • Yes, third parties may send secure messages to all @utah.edu addresses after first registering with the Cisco Registered Envelope Service (CRES). In order to register, the third party must have first received a secure e-mail from a University associate. 9/14/2011
E-mail #6 – is this OK? 9/14/2011
E-mail #6 – Questionable • Better to use your UMail account 9/14/2011
Beware e-mail forwarding • If you set your e-mail to auto-forward, you may inadvertently forward PHI without encrypting it • Others may auto-forward e-mail you send, so be sure to add “phi” to subject line even if sent internally 9/14/2011
Reference • Instructions on how to send PHI securely can be found here: • http://www.secureit.utah.edu/training/securemail/index.html 9/14/2011
Shred it! • Paper, film, or other hard copy must be shredded or destroyed at end-of-life • Electronic media containing PHI must be cleared, purged, or destroyed • Redaction of paper records is not an approved method of rendering PHI unusable 9/14/2011
Protect it! • Curb your curiosity • Double-check all mailings • Use the applications portal (Citrix) • Secure all FAX machines • Use secure paging systems • Protect PHI at all times from unauthorized use 9/14/2011
Faxing • Use “10 digit dialing” • Remember to include “9” for outside numbers • e.g. 9-1-801-5XX-XXXX • Double-check your number before sending 9/14/2011