Keeping Information Secure While Working Remote

CB0003-21

March 3, 2021

During this continued time of uncertainty, while we continue to work remote, we want to be sure to remain compliant when interacting with the consumer PHI/PII.

As a sales agent, consumers entrust you with a great deal of their personal information. HIPAA information is sensitive and should be kept confidential and only disclosed as needed in order to prevent fraud or misuse. This information specifically includes Protected Health Information (“PHI”) and Personal Identifiable Information (“PII”). The information can be in any form including oral, written or electronic.

  • Personal Health Information (PHI)
  • Consumer demographics
  • Health information on any level
  • Personal Identifiable Information (PII)
  • Social Security Number
  • Driver’s license or state identification card
  • Credit or Debit card
  • Banking information
  • Passwords

Below are some steps you can take to help ensure compliance with the HIPAA Privacy and Security rules and regulations:

  • Electronic devices containing confidential information must be encrypted and password protected.
  • Emails with confidential information must be encrypted when transmitting.
  • When sending faxes, use a cover page with a HIPAA disclaimer. Verify the recipient’s fax number prior to sending.

Store documents with PHI and PII in a secure, locked location. This includes, but is not limited to:

  • Inventory sheets
  • Needs analysis
  • Meeting notes
  • Applications
  • Consumer checks
  • Use a secure method to dispose of any documents containing PHI or PII such as the shredder that is located in each office.

Sample disclaimer for email messages:

Confidentiality Notice: This e-mail, including attachments, may include confidential and/or proprietary information, and may be used only by the person or entity to which it is addressed. If the reader of this e-mail is not the intended recipient or his or her authorized agent, the reader is hereby notified that any use, dissemination, distribution, retention or copying of this e-mail is prohibited. If you have received this e-mail in error, please notify the sender by replying to this message and delete this e-mail immediately.

 Sample disclaimer for fax cover sheets:

Confidentiality Notice: The information contained in this facsimile may be confidential and legally privileged. It is intended only for use of the Individual named. If you are not the intended recipient, you are hereby notified that the disclosure, copying, distribution, or taking of any action in regards to the contents of this fax – except its direct delivery to the intended recipient – is strictly prohibited. If you have received this fax in error, please notify the sender immediately and destroy this cover sheet along with its contents, and delete from your system, if applicable.

 In the Event of a Breach

  • Immediately inform your General Manager.
  • Contact the Compliance Department; we will immediately follow all federal, state and carrier reporting guidelines.

You will need to remain compliant with data security. Transmitting documents via secure email or fax is preferred, and never leave any customer PII or PHI in the open for anyone to see.

 Resources

The Office of Civil Rights (enforcement body of HIPAA)

http://www.hhs.gov/ocr/office/index.html

HIPAA Privacy and Security Rule

http://www.hhs.gov/ocr/privacy/hipaa/administrative/combined/index.html

 Additional information on encryption

http://csrc.nist.gov/

As always, we thank you for your support and cooperation. For questions or comments, please email us at Compliance@YourMedicare.com or you may call the toll-free number listed below.

FOR AGENT USE ONLY. NOT FOR USE WITH CONSUMERS.

Compliance Updates | 2650 McCormick Drive | Clearwater, FL 33759 | 844.206.2927