Online Safety

    Keeping Your Health Information Safe and Private
    Companies that hold your medical and personal records are required to protect this information under Federal law! The HITECH Act and HIPAA regulate who can access your protected health information (PHI) and how it must be stored or transmitted. Below are a few definitions that are typically used in the health care industry:

    HIPAA (Health Insurance Portability and Accountability Act)
  • Sets rules as to who can access your health records.
  • Ensures that your health records are handled correctly by providers and others.
  • Allows you to designate family or a representative to access your records.
  • Ensures the confidentiality, integrity, and availability of all PHI.

    HITECH (The Health Information Technology for Economic and Clinical Health Act)
  • Notification of Breach requirements.
  • Electronic Health Record Access.
  • Use restrictions and accounting.
  • Business Associates and Business Associate Agreements.

    PHI (Protected Health Information) is
  • Any information that identifies an individual and relates to that individual's past, present or future physical or mental health condition; the provision of health care; or the past, present or future payment for health care, and that is created or collected by health care providers, QIOs or other health care organizations.
  • Information that should never be shared through email.

    PII (Personally Identifiable Information) is
  • Sensitive personal information that can be used to verify your identity.
  • Examples: date of birth, social security number, address and phone number.
  • Information that should never be shared through email.

    Best Practices (To help keep your information PRIVATE!)
  • Do not email your personal sensitive information.
  • Never give your Social Security number or other information to strangers who call, text, or send e-mail messages to you.
  • Don't post your date of birth, mother's maiden name, first pet's name, or other personal information on websites.
  • Never put your name along with your date of birth or other PII/PHI in an email. A provider will never ask for this through email.
  • Always verify that you are accessing a webpage using HTTPS (which is more secure) and not HTTP when conducting electronic healthcare related transactions.

    Any violation of these laws is a serious issue and should be reported to:
  • The Centers for Medicare and Medicaid Services (CMS) at 1-800-Medicare.

    Visit helpful links:
  • The National Cyber Security Alliance implements education and awareness efforts to empower users with the information they need to use the internet safely and securely.
  • The Department of Homeland Security provides helpful information on cybersecurity.