A HIPAA message -- Security and Patient Privacy

February 17, 2004

This week's HIPAA message explains how "information security" pertains to the confidentiality of patient information.picture disc.

Question: Does "information security" include protecting the confidentiality of patient information, and making sure that only people who are authorized have access to it?

Answer: Yes. Many of the tasks you're asked to do for information security assist in the overall effort to make sure that patient information stays private.

Some of the information security tasks would include:

  • Creating strong passwords
  • Changing passwords
  • Ensuring that attachments to emails from unknown sources are not opened

Recently a hacker compromised the passwords of students, staff and faculty at a University. The Internet system was temporarily shut down in order to secure the system. All users were required to change their passwords.

In order to ensure that the electronic resources are available, it is important that good information security policies are practices.

If you're a manager, please ensure all of your employees are informed of the contents of these e-mails and how it applies to your work area. Some ways of sharing the information include discussions during staff meetings, printing and posting this e-mail or distributing it.