The HIPAA Privacy Rule provides federal protections for personal health information held by covered entities and their business associates. It also gives patients an array of rights with respect to that information. Keep protected health information (PHI) secure—this means protecting PHI from people who should not have access to it.
Examples of how to keep PHI secure:
- If PHI is in a place where patients or others can see it, cover or move it.
- If you work with PHI on your desk or on a computer, make sure no one can walk up behind you without you knowing it.
- When PHI is not in use, store it in a locked office or a locked file cabinet.
- Remove documents from faxes and copiers as soon as you can.
- Do not talk about patients where others can hear you or in public areas.
- Close your office door when talking to patients.
- Do not take files or documents containing PHI out of the office or clinic.
- Shred PHI when documents or files are no longer needed and dispose securely.
- When PHI is stored on a computer or storage device, use passwords, anti-virus software, data backups, and encryption to secure access to the information.
Everyone is responsible for protecting patient information. If you are ever unsure about how to handle patient information, please contact Provider Services at ProviderServices@scfhp.com.