Protecting private health information is vital because of the high consequences for exposure. Ensuring data security also mitigates the risk of identity theft and fraud, preserving patients' financial well-being. Compliance with privacy regulations, like HIPAA, maintains legal standards, upholding healthcare professionals' integrity. Robust data protection bolsters research endeavors, as individuals are more likely to participate when confident their information won't be misused. Overall, safeguarding private health information upholds individual rights, maintains healthcare quality, and supports ethical medical practices. The burden to prevent information exposure lies with each employee of VUMC Biostatistics.
This policy adopts and extends the Vanderbilt University Medical Center policy on electronic devices; if there is any conflict between department and VUMC policy, the VUMC policy takes precedence. See related policies below.VUMC uses Cortex monitoring software to help detect if an electronic device issued to an employee has been compromised. If an incident is detected, the VUMC security system enacts automatic shutdown of all access to the device and locks the employees VUMC-ID account. After security personnel reviews the device for PHI/PII, the device will be wiped and the employee directed to set a new password.
For this reason, and as a good practice to observe in general:Remember: You are responsible for all usage of your VUMC-issued device(s).
For more about electronic device responsibility, please take a moment to read VUMCs policy on acceptable use: https://vanderbilt.policytech.com/dotNet/documents/?docid=32170