It is our duty to protect the patient’s information.
Only the minimum information necessary should be shared (Note: this refers to information that is being shared for purposes of payment or hospital operations; it is permissible to share any information necessary for the treatment of the patient).
Both PCMH and the Brody School of Medicine are required to conduct audit trails on each of our electronic medical records to monitor compliance.
Always subject to being overheard in public areas (keep this in mind when you are in an elevator, on (in) line in the cafeteria, in the restroom)
Be aware of the patient’s privacy when you are in a semi-private room.
Confidential information needs to be removed from fax, copy machines and printers
You should only fax information if it is necessary for immediate patient care purposes; if you don’t’ know where the receiving fax is located (e.g., if the fax machine could be located in a public area), please telephone ahead to be sure someone is waiting by the fax machine to receive the patient information
Double check the fax number before sending.
Never leave confidential information in public places (i.e. restrooms, conference rooms)
Protecting Electronic Information
Information regarding patients should be sent by e-mail only within the medical center’s secure network. If you need to send PHI via email, contact the IS Customer Support Help Desk at 847-5111 to receive directions on encrypting the email.
It is best to send de-identified information whenever possible (e.g. “34 year old female exhibiting symptoms. . .” instead of patient’s name if that is not necessary).
Also remember to always check the TO, CC and BCC fields for the correct names before hitting the send button on e-mails.
March 17, 2009