January 28 is Data Privacy Day—an international effort to empower individuals and businesses to respect privacy, safeguard data and enable trust.
At Indiana University, we monitor data privacy trends and developments throughout the world and enhance our program on a continuous basis to ensure the best experience for our constituents. We also closely monitor privacy issues and track trends within IU School of Medicine to assess where we can continue to improve to ensure data privacy for students, employees and patients.
Here are a few privacy issues to be aware of:
1. Transporting physical Protected Health Information (PHI)
In the current remote environment, we are seeing more protected health information transported from one location to another. While this is sometimes a necessity, ensuring the confidentiality, privacy and security of this data during transport is critical. IU’s Removal and/or Transport of PHI policy provides guidance on how to safely and securely move data, whether in paper form or stored electronically on a device or USB. A few highlights from this policy include:
Only the minimum amount of information necessary should be transported. For example, if a list of names must be transported, only the list of names should be moved.
PHI should not be left unattended in a vehicle at any time.
PHI should be transported in a way that it is not viewable or accessible to others (e.g., in a file, briefcase, etc.).
IU will finalize the migration of files from Box Health accounts to the new Microsoft at IU Secure Storage by May. IU has developed secured storage, appropriate for electronic protected health information and other restricted and critical data, with a range of privacy and security safeguards. These safeguards are in place to ensure the confidentiality, integrity and availability of IU data. Understanding how to manage permissions for your sensitive data files is key to managing appropriate access and avoiding sensitive data exposure.
Learn more about secure storage or request a secure storage location for sensitive data files.
Learn how to store, share and collaborate on institutional files at IU.
IU launched privacy.iu.edu to collect in one place guidance on several sectors in our privacy program and provide resources on where to go for questions or further information. Learn more, today!
The Privacy Office is here to serve you and to ensure the proper treatment of our community’s private information. Reach out any time you have a question, concern or suggestion concerning data privacy.
Immediately report any potential privacy incident to the University Information Policy Office at: firstname.lastname@example.org. Learn more about incident reporting and response here.