1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for.

Slides:



Advertisements
Similar presentations
ANNUAL SECURITY AWARENESS TRAINING – 2011 UMW Information Technology Security Program Annual Security Awareness Training for UMW Faculty and Staff.
Advertisements

HIPAA Security.
Computer and Mobile Device Equipment Security Brief May 29, 2008 Presented by: Kevin G. Sutton, Chief, Information Technology Unit.
INADEQUATE SECURITY POLICIES Each covered entity and business associate must have written polices that cover all the Required and Addressable HIPAA standards.
Welcome to the SPH Information Security Learning Module.
Copyright © 2012, Big I Advantage®, Inc., and Swiss Re Corporate Solutions. All rights reserved. (Ed. 08/12 -1) E&O RISK MANAGEMENT: MEETING THE CHALLENGE.
WRSU Customer Service The Beauty of Change. Privacy and Confidentiality.
Privacy and Information Security Training ( ) VUMC Privacy Website
HIPAA Basic Training for Privacy & Information Security Vanderbilt University Medical Center VUMC HIPAA Website:
The Health Insurance Portability and Accountability Act of 1996– charged the Department of Health and Human Services (DHHS) with creating health information.
1 HIPAA Education CCAC Professional Development Training September 2006 CCAC Professional Development Training September 2006.
 The Health Insurance Portability and Accountability Act of  Federal Law designed to protect sensitive information.  HIPAA violations are enforced.
Health Insurance Portability & Accountability Act “HIPAA” To every patient, every time, we will provide the care that we would want for our own loved ones.
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 25 & 27 November 2013.
Computer viruses Hardware theft Software Theft Unauthorized access by hackers Information Theft Computer Crimes.
Critical Data Management Indiana University HR Summit April 24, 2014.
Guide to Massachusetts Data Privacy Laws & Steps you can take towards Compliance.
Copyright © 2014 Merck Sharp & Dohme Corp., a subsidiary of Merck & Co., Inc. All rights reserved. In practice, how do we recognize a potential Privacy.
9/20/07 STLSecurity is Everyone's Responsibility 1 FHDA Technology Security Awareness.
Information Security Awareness:
Personal Data Protection and Security Measures Justin Law IT Services - Information Security Team 18, 20 & 25 March 2015.
DATA SECURITY Social Security Numbers, Credit Card Numbers, Bank Account Numbers, Personal Health Information, Student and/or Staff Personal Information,
October is National Cyber Security Month OIT and IT providers are launching an awareness campaign to provide tips and resources to help you stay safe online.
Tips and Techniques: How to Protect Yourself and Others Better Jeanne Smythe February 20, 2004.
HIPAA What’s Said Here – Stays Here…. WHAT IS HIPAA  Health Insurance Portability and Accountability Act  Purpose is to protect clients (patients)
Security and Confidentiality Practices - Houston Dept. of Health and Human Services Jerald Harms, MPH, CART and Jeff Meyer, MD, MPH HIV/AIDS Surveillance.
HIPAA Privacy & Security EVMS Health Services 2004 Training.
SECURITY: Personal Health Information Protection Act, 2004 this 5 min. course covers: changing landscape of electronic health records security threats.
Columbia University Medical Center Health Insurance Portability and Accountability Act of 1996 (“HIPAA”) Privacy & Information Security Training 2009.
Protecting Sensitive Information PA Turnpike Commission.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Cameron Simpson.
Information guide.
ESCCO Data Security Training David Dixon September 2014.
Information Security 2013 Roadshow. Roadshow Outline  Why We Care About Information Security  Safe Computing Recognize a Secure Web Site (HTTPS) How.
GOLD UNIT 4 - IT SECURITY FOR USERS (2 CREDITS) Thomas Jenkins.
Privacy and Information Management ICT Guidelines.
University Health Care Computer Systems Fellows, Residents, & Interns.
INFORMATION SECURITY WHAT IS IT? Information Security The protection of Information Systems against unauthorized access to or modification of information,
PRIVACY, SECURITY & ID THEFT PREVENTION - TIPS FOR THE VIGILANT BUSINESS - SMALL BUSINESS & ECONOMIC DEVELOPMENT FORUM October 21, WITH THANKS TO.
Children’s Hospital Requirements for Remote Access.
Topic 5: Basic Security.
NOTE: To change the image on this slide, select the picture and delete it. Then click the Pictures icon in the placeholder to insert your own image. Cyber.
CHCS MAILMAN USER REFERENCE GUIDE UPDATED MARCH 2014
A Road Map to Research at Jefferson: HIPAA Privacy and Security Rules for Researchers Presented By: Privacy Officer/Office of Legal Counsel October 2015.
LESSON 5-2 Protecting Your Computer Lesson Contents Protecting Your Computer Best Practices for Securing Online and Network Transactions Measures for Securing.
Information Security Everyday Best Practices Lock your workstation when you walk away – Hit Ctrl + Alt + Delete Store your passwords securely and don’t.
ANNUAL HIPAA AND INFORMATION SECURITY EDUCATION. KEY TERMS  HIPAA - Health Insurance Portability and Accountability Act. The primary goal of the law.
University of Texas Medical Branch Print Management Working Together to Work Wonders.
OCTOBER IS CYBER SECURITY AWARENESS MONTH. October is Cyber Security Awareness Month  Our Cyber Security Awareness Campaign focuses on topics such as.
Common sense solutions to data privacy observed by each employee is the crucial first step toward data security Data Privacy/Data Security Contact IRT.
Todays’ Agenda Private vs. Personal Information Take out your notebook and copy the following information. Private information – information that can be.
SemiCorp Inc. Presented by Danu Hunskunatai GGU ID #
HIPAA Privacy What Every Staff Member Needs to Know.
How to Make Yourself More Secure Using Public Computers and Free Public Wi-Fi.
Properly Safeguarding Personally Identifiable Information (PII) Ticket Program Manager (TPM) Social Security’s Ticket to Work Program.
Reviewed by: Gunther Kohn Chief Information Officer, UB School of Dental Medicine Date: October 20, 2015 Approved by: Sarah L. Augustynek Compliance Officer,
ISMS Information Security Management System
HIPAA Privacy and Security
Protecting PHI & PII 12/30/2017 6:45 AM
Use of BMC Patient Information Privacy & Security
HIPAA Online Student Orientation
Service Point 5 ReportWriter
Welcome to the SPH Information Security Learning Module
Health Insurance Portability and Accountability Act
Information Security Training
HIPAA & PHI TRAINING & AWARENESS
Lesson 3: Medical Records
Move this to online module slides 11-56
Handling Information Securely
Presentation transcript:

1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for training purposes only.

2 Enterprise Security Why this training is important for you Whatever your role is at Providence & Health Services, you will hear, see and work with information which needs to be kept secure. This is our promise to our patients and our ethical and legal responsibility. The following privacy and information security responsibilities are very important because the actions you take impact our ability to keep our information and computer network secure.

3 Enterprise Security Providence has more than 50,000 employees serving the needs of our communities. Our work is driven by our ministry of service and guided by our mission and values. It is in this spirit that we ask you to focus these next few minutes on learning about privacy and information security and what you can do to protect our information and assets.

4 Enterprise Security Providence Mission As people of Providence, we reveal God’s love for all, especially the poor and vulnerable, through our compassionate service.

5 Enterprise Security Course Goals After completing this training you will know what is expected of you when: Using our computer network Working with confidential information – –Password Safety Taking work outside the workplace Reporting security or privacy concerns

6 Enterprise Security Computer Usage People must rely on their computers all day, every day, to do their jobs and our computer system must be secure. Do not change the settings on your computer, add or remove software or connect any personally owned devices without authorization.

7 Enterprise Security Confidential information is any information not available to the public This includes Patient or employee-related information, whether in hard copy or electronic format Financial or personally identifying information such as credit card, social security or driver’s license numbers Business plans Confidential knowledge gained through your work

8 Enterprise Security While performing your job, you are not authorized to access any business or medical records other than those you specifically need to do your job. This is called limited information access. Accessing files of relatives, co-workers, friends or even yourself is not allowed. Limited Access

9 Enterprise Security Protect Confidential Information Do not store electronic files on your computer’s hard drive or desktop, it will not be backed up Dispose of papers in shredding containers Verify identities before giving information over the phone Have permission before leaving confidential or private messages on voice mail boxes

10 Enterprise Security Protect Confidential Information Keep papers out of public view Clean off white boards Take care you are not being overheard Promptly remove papers from copiers, printers, fax machines and meeting rooms

11 Enterprise Security Reply All? Who needs to know? Always use secure messaging when sending Protected Health Information (PHI) or other confidential data. Think about who needs to know before selecting “Reply All” or “Forward” Using *Ask your manager about how to use secure messaging

12 Enterprise Security Remember, is the most common means for spreading a virus. Do not open s and attachments that appear suspicious. Do not click on unfamiliar links. If it looks suspicious, delete it! Virus Control

13 Enterprise Security Did you know that every time you use a Providence computer it is recorded? All of your computer activity is traced back to you through your User ID. Going to a website Looking up files Sending s Printing papers Using clinical applications Accessing medical records Protecting Yourself Computers are for business use.

14 Enterprise Security Remember, if you share your password all activity will be traced back to YOU! Password safety

15 Enterprise Security Do you have a strong Password? Never share your password or leave it written down for others to find Create your own password that is at least six characters long Example: taxi = Tax2018i Use a mix of letters and numbers and no personal information Periodically change your password Password Safety

16 Enterprise Security Protecting Information When working in clinical areas with multi-user stations: 1.Make entries in a timely fashion 2.Save your work 3.Log out Single users: When you leave your work station lock your computer every time To lock you computer press Ctrl + Alt + Delete, then Enter

17 Enterprise Security Encryption Warning: For encryption to work do not leave your laptop on hibernate or standby. The machine must be shut off. Because they are portable, all mobile devices such a laptops, PDAs, flash drives and CDs increase our risk of data being lost or stolen. To protect Providence and our patients, each of these mobile devices must be encrypted and Providence approved.

18 Enterprise Security Outside the Workplace The following practices are very important to protect our information and our computer network. Keep mobile devices with you or in a secure, locked location Do not leave papers or any mobile devices in your car Never store Providence documents on your home computer Make sure papers in your laptop bag or briefcase are properly secured

19 Enterprise Security Help Providence Health & Services – Be Alert for Papers lying around which have confidential information on them Strangers making unnecessary inquiries or trying to gain access into Providence buildings Inconsistencies or changes in records which should not have happened Equipment being misplaced or stolen

20 Enterprise Security Reporting your Concerns Should you have any concerns about privacy or information security report them to your manager immediately or call the toll free Providence Integrity Line 888 – 294 – 8455 Your call is confidential and anonymous

21 Enterprise Security Thank you for your contributions to Providence and the people we serve.