1 Enterprise Security Your Information Security and Privacy Responsibilities © 2008 Providence Health & Services This information may be replicated for training purposes only.
2 Enterprise Security Why this training is important for you Whatever your role is at Providence & Health Services, you will hear, see and work with information which needs to be kept secure. This is our promise to our patients and our ethical and legal responsibility. The following privacy and information security responsibilities are very important because the actions you take impact our ability to keep our information and computer network secure.
3 Enterprise Security Providence has more than 50,000 employees serving the needs of our communities. Our work is driven by our ministry of service and guided by our mission and values. It is in this spirit that we ask you to focus these next few minutes on learning about privacy and information security and what you can do to protect our information and assets.
4 Enterprise Security Providence Mission As people of Providence, we reveal God’s love for all, especially the poor and vulnerable, through our compassionate service.
5 Enterprise Security Course Goals After completing this training you will know what is expected of you when: Using our computer network Working with confidential information – –Password Safety Taking work outside the workplace Reporting security or privacy concerns
6 Enterprise Security Computer Usage People must rely on their computers all day, every day, to do their jobs and our computer system must be secure. Do not change the settings on your computer, add or remove software or connect any personally owned devices without authorization.
7 Enterprise Security Confidential information is any information not available to the public This includes Patient or employee-related information, whether in hard copy or electronic format Financial or personally identifying information such as credit card, social security or driver’s license numbers Business plans Confidential knowledge gained through your work
8 Enterprise Security While performing your job, you are not authorized to access any business or medical records other than those you specifically need to do your job. This is called limited information access. Accessing files of relatives, co-workers, friends or even yourself is not allowed. Limited Access
9 Enterprise Security Protect Confidential Information Do not store electronic files on your computer’s hard drive or desktop, it will not be backed up Dispose of papers in shredding containers Verify identities before giving information over the phone Have permission before leaving confidential or private messages on voice mail boxes
10 Enterprise Security Protect Confidential Information Keep papers out of public view Clean off white boards Take care you are not being overheard Promptly remove papers from copiers, printers, fax machines and meeting rooms
11 Enterprise Security Reply All? Who needs to know? Always use secure messaging when sending Protected Health Information (PHI) or other confidential data. Think about who needs to know before selecting “Reply All” or “Forward” Using *Ask your manager about how to use secure messaging
12 Enterprise Security Remember, is the most common means for spreading a virus. Do not open s and attachments that appear suspicious. Do not click on unfamiliar links. If it looks suspicious, delete it! Virus Control
13 Enterprise Security Did you know that every time you use a Providence computer it is recorded? All of your computer activity is traced back to you through your User ID. Going to a website Looking up files Sending s Printing papers Using clinical applications Accessing medical records Protecting Yourself Computers are for business use.
14 Enterprise Security Remember, if you share your password all activity will be traced back to YOU! Password safety
15 Enterprise Security Do you have a strong Password? Never share your password or leave it written down for others to find Create your own password that is at least six characters long Example: taxi = Tax2018i Use a mix of letters and numbers and no personal information Periodically change your password Password Safety
16 Enterprise Security Protecting Information When working in clinical areas with multi-user stations: 1.Make entries in a timely fashion 2.Save your work 3.Log out Single users: When you leave your work station lock your computer every time To lock you computer press Ctrl + Alt + Delete, then Enter
17 Enterprise Security Encryption Warning: For encryption to work do not leave your laptop on hibernate or standby. The machine must be shut off. Because they are portable, all mobile devices such a laptops, PDAs, flash drives and CDs increase our risk of data being lost or stolen. To protect Providence and our patients, each of these mobile devices must be encrypted and Providence approved.
18 Enterprise Security Outside the Workplace The following practices are very important to protect our information and our computer network. Keep mobile devices with you or in a secure, locked location Do not leave papers or any mobile devices in your car Never store Providence documents on your home computer Make sure papers in your laptop bag or briefcase are properly secured
19 Enterprise Security Help Providence Health & Services – Be Alert for Papers lying around which have confidential information on them Strangers making unnecessary inquiries or trying to gain access into Providence buildings Inconsistencies or changes in records which should not have happened Equipment being misplaced or stolen
20 Enterprise Security Reporting your Concerns Should you have any concerns about privacy or information security report them to your manager immediately or call the toll free Providence Integrity Line 888 – 294 – 8455 Your call is confidential and anonymous
21 Enterprise Security Thank you for your contributions to Providence and the people we serve.