Keeping Information Secure: HIPAA Privacy and Security


April 15, 2019


As a sales agent, you are entrusted by consumers with a great deal of their personal information. HIPAA information is sensitive; to prevent fraud or misuse, keep it confidential and disclose it only as needed. This information specifically includes Protected Health Information (“PHI”) and Personally Identifiable Information (“PII”). It can be in any form, including oral, written or electronic.

Protected Health Information (PHI)

  • Consumer demographics
  • Health information on any level

Personally Identifiable Information (PII)

  • Social Security Number
  • Driver’s license or state identification card
  • Credit or Debit card
  • Banking information
  • Passwords

Below are some steps you can take to help ensure compliance with the HIPAA Privacy and Security rules and regulations:

  • Electronic devices containing confidential information must be encrypted and password protected.
  • Emails with confidential information must be encrypted when transmitting.
  • When sending faxes, use a cover page with a HIPAA disclaimer (see sample disclaimer below).  Verify the recipient’s fax number prior to sending.
  • Store documents with PHI and PII in a secure, locked location.  This includes, but is not limited to:
    1. Inventory sheets
    2. Needs analysis
    3. Meeting notes
    4. Applications
    5. Consumer checks
  • Use a secure method to dispose of any documents containing PHI or PII, such as a shredder.
  • Make sure that you (and any work associates) have unique user IDs and passwords. Passwords should meet industry length and complexity standards.  Do not share IDs and passwords with others.
  • Ensure you have anti-virus and anti-spyware solutions in place in order to protect data on your devices. Configure the software to scan every 12 hours.
  • Make sure you have full disk encryption on workstations and devices (e.g., laptops, computers and portable devices). Encryption technology protects information by converting it into unreadable code that cannot be deciphered easily by unauthorized people.
  • Don’t use removable storage devices like flash drives or disks to store client data.
  • Keep your systems (i.e. web browsers, operating systems and networks) up to date by installing the most recent patches available. Most systems have settings that automatically check for and apply updates.

Sample disclaimer for email messages:

Confidentiality Notice: This e-mail, including attachments, may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this e-mail is not the intended recipient or his or her authorized agent, the reader is hereby notified that any use, dissemination, distribution, retention or copying of this e-mail is prohibited. If you have received this e-mail in error, please notify the sender by replying to this message and delete this e-mail immediately.

Sample disclaimer for fax cover sheets:

Confidentiality Notice: The information contained in this facsimile may be confidential and legally privileged. It is intended only for the use of the individual named. If you are not the intended recipient, you are hereby notified that the disclosure, copying, distribution, or taking of any action in regard to the contents of this fax – except its direct delivery to the intended recipient – is strictly prohibited. If you have received this fax in error, please notify the sender immediately and destroy this cover sheet along with its contents, and delete from your system, if applicable.

In the Event of a Breach

  • Immediately inform your hierarchy.
  • Contact the Compliance Department; we will immediately follow all federal, state and carrier reporting guidelines.


The Office for Civil Rights (enforcement body of HIPAA)

HIPAA Privacy and Security Rule

Additional information on encryption

As always, we thank you for your support and cooperation. For questions or comments, please email us at or you may call the toll-free number listed below.


Compliance Updates | 2650 McCormick Drive | Clearwater, FL 33759 | 844.206.2927
