Feb 262013
 

Related topics: Protected Health Information (PHI) | HIPAA security policies | HIPAA identifiers | Network storage

HIPAA security regulations define Protected Health Information (PHI) as any oral or recorded information created or received by a health care provider, health plan, employer, insurer, school or university, health care clearing house or a business associate that relates to the past, present or future physical or mental health or condition, provision of health care or health care payment of an individual.

There are eighteen “HIPAA Identifiers” that can be used to identify an individual, an individual’s family, employers or household members. Examples include names, telephone numbers, email addresses, medical record numbers, photographic images and home address. To see all eighteen identifiers, visit the HIPAA Identifiers page.

Please note that it is a VIOLATION of HIPAA law to store PHI on any personal device, such as a USB drive, external hard drive, home computer, iPhone or iPad. Such violations can cost ECU a fine of up to $1.5 million dollars, and you could be criminally liable for such a breach, including termination, fine and imprisonment.

Protected Health Information (PHI) must only be stored on university-approved and authorized devices. If you are unsure about your storage device, please contact the IT Security Team at ITSecurity@ecu.edu.

In the News

The State of Alaska announced in June 2012 that it is paying $1.7 million to the Federal Government for a 2009 security breach of patient data.  A federal investigation following the breach found inferior security measures in place at Alaska’s Department of Health and Social Services.  In October 2009, a portable hard drive was stolen from the car of an employee who worked for the State Health Department.

Jan 092013
 

Data Privacy Month is an annual EDUCAUSE effort to empower people to protect their privacy and control their digital footprint, as well as escalate the protection of privacy and data as everyone’s priority. This year’s Data Privacy Month Planning Task Force selected weekly themes for the higher education community to focus on. Several free Webinars will also be offered throughout the month of January.

View the month’s schedule of live Webinars at EDUCAUSE: www.educause.edu/dpm.

Register at the EDUCAUSE Live Web site with either your EDUCAUSE account or your e-mail address by visiting http://www.educause.edu/conferences-events/educause-live-webinars.
Register for this webinar
Webinar Overview: Do you really want everyone to know you are out alone at midnight by “checking in” at your local donut shop? Do you use your phone for banking, without password protecting the device?

This free hour-long Webinar will outline the steps you need to take to protect your data privacy when using a mobile device.

Nov 292012
 

Identity theft is the largest white collar crime in the history of the United States. Approximately 15 million United States’ residents have their identities used fraudulently each year with financial losses totaling upwards of $50 billion.

On a case-by-case basis, that means approximately 7% of all adults have their identities misused with each instance resulting in approximately $3,500 in losses.

But there are some things that you can do to protect your personally identifiable information. Visit the IT Security website for tips on keeping your identity safe.