Issue link: https://blog.providence.org/i/1541294
• Privileged information from internal/external counsel Removing confidential information requires supervisor/manager approval. Be aware of security configurations in repositories. Texting Guidelines Do not text PHI. Utilize approved communication methods (Teams, Outlook, Epic In basket). If you must text in an emergency situation, request a phone call back or keep it generic. If you receive confidential information on your cell phone report it but do not share it. Centers for Medicare and Medicaid Services (CMS) does not permit the texting of orders by physicians or other health care providers Responsible Use of Social Media Never post textual descriptions of anything related to the care or treatment of a patient on your personal social media account. A unique story that you think is de-identified may be identifiable to a patient or their family. Marketing or communications must review and approve all intended disclosures of patient information outside of Providence. Verbal permissions is not sufficient. Never share confidential or proprietary information about Providence or other workforce members even when your account is set to private. If you identify yourself on your personal social media account as a workforce member at Providence, you should make it clear that your statements and opinions are yours and are not being made on behalf of Providence. Cyber Security at Providence Providence monitors the use of all information systems, all access to electronic data and all devices that are used to access our systems or data. Personal device use must comply with all security policies (password protected, updated Operating System, patches, anti-virus, etc.) and the Use of Personal Device HR policy. • Personal devices that contain Providence applications, programs and apps are not to be used by anyone else or shared with anyone else. • Any attempt to circumvent Providence security controls or non-compliance with policies can result in disciplinary action up to including termination of contract/partnership. • Keep all passwords private and secure. Do not share with anyone, ever! • Lock or log off your computer when you walk away. • To avoid phishing schemes, work related or personal, do no click on suspicious links or download attachments from unfamiliar senders, especially from email addresses you've never encountered before. • Personal email addresses must never be used for sending or receiving PHI or any confidential information. Provider Education Training Manual 33 |