Keeping Information Secure: HIPAA Privacy and Security
December 20, 2019
As a sales agent, you are entrusted by consumers with a great deal of their personal information. HIPAA information is sensitive; to prevent fraud or misuse, it should be kept confidential and disclosed only as needed. This information specifically includes Protected Health Information (“PHI”) and Personally Identifiable Information (“PII”). The information can be in any form, including oral, written or electronic.
Protected Health Information (PHI)
- Consumer demographics
- Health information on any level
Personally Identifiable Information (PII)
- Social Security Number
- Driver’s license or state identification card
- Credit or Debit card
- Banking information
Below are some steps you can take to help ensure compliance with the HIPAA Privacy and Security rules and regulations:
- Electronic devices containing confidential information must be encrypted and password protected.
- Emails with confidential information must be encrypted when transmitting.
- When sending faxes, use a cover page with a HIPAA disclaimer (see sample disclaimer below). Verify the recipient’s fax number prior to sending.
- Store documents with PHI and PII in a secure, locked location. This includes, but is not limited to:
  - Inventory sheets
  - Needs analysis
  - Meeting notes
  - Consumer checks
- Use a secure method to dispose of any documents containing PHI or PII, such as a shredder.
Sample disclaimer for email messages:
Confidentiality Notice: This e-mail, including attachments, may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this e-mail is not the intended recipient or his or her authorized agent, the reader is hereby notified that any use, dissemination, distribution, retention or copying of this e-mail is prohibited. If you have received this e-mail in error, please notify the sender by replying to this message and delete this e-mail immediately.
Sample disclaimer for fax cover sheets:
Confidentiality Notice: The information contained in this facsimile may be confidential and legally privileged. It is intended only for use of the individual named. If you are not the intended recipient, you are hereby notified that the disclosure, copying, distribution, or taking of any action with regard to the contents of this fax – except its direct delivery to the intended recipient – is strictly prohibited. If you have received this fax in error, please notify the sender immediately and destroy this cover sheet along with its contents, and delete from your system, if applicable.
In the Event of a Breach
- Immediately inform your hierarchy.
- Contact the Compliance Department; we will immediately follow all federal, state and carrier reporting guidelines.
The Office of Civil Rights (enforcement body of HIPAA)
HIPAA Privacy and Security Rule
Additional information on encryption
As always, we thank you for your support and cooperation. For questions or comments, please email us at Compliance@NSGACommunications.com or you may call the toll-free number listed below.
FOR AGENT USE ONLY. NOT FOR USE WITH CONSUMERS.
Compliance Updates | 2650 McCormick Drive | Clearwater, FL 33759 | 844.206.2927