3 Ways to Keep Personal Health Information Safe
When you think about your personal health information (PHI), you probably think you’re protected – there are HIPAA laws in place, you trust your doctors, and hospitals have to be secure, right? Wrong! Over the past three years, almost 21 million patients have had their medical records violated in data security breaches, according to the Department of Health and Human Services. Most people assume that HIPAA laws will protect their information – health information that is kept by health care providers and plans, or organizations acting on their behalf, is protected by these federal laws. However, there are many places and situations where HIPAA doesn’t apply. That’s scary!
Especially in today’s mobile culture, anyone can store health information on a personal device or share it via an online source, like a hospital’s website. These are specific areas where following HIPAA laws isn’t required. While you may think your smartphone is protected, any information that has been shared in one way or another is readily available for hackers everywhere. You may have taken the appropriate steps to protect yourself in other areas – using strong passwords, not sharing your SSN, keeping your social media private – all of which can apply to protecting PHI as well – but here are some specific ways to make sure your PHI is safe.
Protect your devices
Your smartphone, your laptop, your tablet – all of these are easy targets for hackers and thieves, especially when they’re not protected as well as they should be.
- Make sure your security software is current and regularly updated, encrypt your data, and keep your browser secure.
- Avoid scam and phishing emails and phone calls – don’t open anything from anyone you don’t know, and be wary of impersonators on phone calls. Don’t offer any PHI via email or on the phone unless you have verified the authenticity of the person contacting you.
- Be careful using any kind of public wireless network – stick to encrypted (HTTPS) sites as much as possible, or wait until you can access a private network before sharing or posting personal health information.
- Lock it up – use strong passwords, clear out old information, utilize every locking feature for each of your devices. It may seem tedious, but an extra minute in protection will save you hours and hours of heartache later.
Talk to your healthcare providers about protection
No matter where you find yourself – the ER, a surgery center or your local practitioner – you need to know your rights and whether or not your information will be protected. You can sign the HIPAA forms all day long, but unless you really know and understand your rights, your information could be at risk.
- Read privacy policies – they’re long and complex, but they break down how your PHI is handled, whether at the office, on their website or via personal communication.
- Ask questions – it may be awkward at times, but if you don’t understand something, speak up and ask for an explanation. You won’t know if you don’t ask.
- Use patient portals whenever you can – many health organizations are utilizing patient portals to protect personal health information, keeping as much information private as possible. If your doctor doesn’t use one, mention it to them!
- Secure your SSN – your doctors may need to know your SSN, but be sure that it won’t be sitting around for anyone to see. Firstly, verify that they absolutely need it, and if they do, ask what exactly they will need or use it for. Check that they’re protecting their patient information with the utmost security.
- Read your statements – whether from the insurance company, your doctor’s office or the hospital, take those statements you receive in the mail seriously. Read through them to make sure your insurance is properly covering services, that you’re not being overcharged in any way, and if you see any suspicious activity, call the appropriate department immediately.
Delete, shred and destroy
Think about your PHI – where might you have it stored? On your phone? In your emails? A filing cabinet? Maybe your computer? Let’s be honest – it’s probably in every one of those places. It’s time to do some cleaning.
- Stop sharing information on social media – you’d be surprised what hackers can use to obtain your PHI. Checking in at your doctor’s office, sharing your personal information over multiple sites, posting pictures of your family – all of it can be used to steal your identity, and your PHI could be the next target.
- Shred, shred and shred some more – having a personal shredder is a good option for your home, but if you do use one, make sure it’s going to thoroughly shred everything to the point where nothing can be pieced back together. This includes old credit cards, insurance cards, appointment reminders, prescription information, etc. This also includes paper files, hospital bills, old medical records, and anything else that’s taking up space in your filing cabinets. If you do choose to keep paper files, make sure you have them under lock and key. If you simply throw away your confidential information, you could be at a higher risk of having your information violated.
- Destroy old hard drives and scrub old devices – hard drive destruction may be a new concept to a lot of people, but when you delete information off of your computer, it doesn’t really go away. The data remains on your hard drive, and if you get rid of your computer, someone could recover your information from that drive.
Protecting yourself and your family is a necessity – are you doing everything you can to make sure your PHI is secured?
If you’re looking for a secure way to destroy documents, hard drives, x-rays and more, and you’re local to the Birmingham or Huntsville, AL areas, contact us at Secure Destruction. We can handle personal and business shredding of all kinds, and we provide a triple assurance guarantee to give you the peace of mind you need when trying to protect your life. Give us a call to get a quote today!