FacebookTwitterLinkedInEmailPrint
This entry is part 11 of 26 in the series HIPAA Privacy-Security Reminders

All of your workforce members must be mindful of their responsibilities when given access to information “assets” such as hardware, software, storage media, etc. Such access is a privilege and should only be used for legitimate, job-related activity.  The recent Resolution Agreement between UCLA Health System and OCR is a clear example of abuse of information system privileges.  Learn more about what you and your company should be doing…

Using such access to look up family members, friends, celebrities and other employees without a genuine, job-related need is an abuse of such privilege and may subject the individual to sanctions, up to and including termination.

In particular, the HIPAA federal law and associated regulations protect the privacy and security of patients’ health data.  You may have been asked to sign a HIPAA confidentiality statements and are likely governed by both your company’s HIPAA policies as well as your company’s information system policies.

These policies apply to ALL workforce members regardless of tenure or rank.

In this regard, employees must guard their authentication credentials such as username and password. Do not share your password with any other workforce member. You do not wish to be held accountable for actions committed by another workforce member using your username and password. If you suspect your password has been compromised, please change it immediately.

Never leave your workstation unattended for any extended period of time, especially when displaying/accessing sensitive information. Before leaving, lock your workstation and/or close the relevant application (Windows users can use <Ctrl + Alt + Del> and select “Lock computer”).  Use a password-protected screensaver which activates after a suitable time (15 minutes or less) in case you are unintentionally away for longer than expected.

The complete HIPAA Privacy, Security and Breach regulations are here.

Contact us for more information or to learn about a tailored Clearwater HIPAA Audit Prep WorkShop™ or the Clearwater HIPAA Audit Prep BootCamp™ series.

More HIPAA HITECH Resources:

The complete HIPAA Privacy, Security and Breach regulations are here.

Join our AboutHIPAA LinkedIn Group: http://AboutHIPAALI.org
Follow us on Twitter
Subscribe to our eNewsletter
Attend a live educational webinar.

Series Navigation<< HIPAA Privacy and Security Reminders – Sanction PolicyHIPAA Privacy and Security Reminders – Instant Message or Instant Mess? >>

Bob Chaput

CEO at Clearwater Compliance
Bob is the CEO and Founder of Clearwater Compliance. He has 25 years of experience in the Healthcare industry, and his experience includes managing some of the world’s largest HR, benefits and healthcare databases, requiring the highest levels of security and privacy. Mr. Chaput continues to expand and update his knowledge base on HIPAA-HITECH compliance through postgraduate study, earning professional certifications and participating in professional healthcare and other organizations.
 
FacebookTwitterLinkedInEmailPrint