ABOUT THE SHIELD PROJECT
From 2004 to 2008, reported IT security breaches increased from 32 million to 245 million affected individuals. So far in 2009, Healthcare makes up for 13% of the breaches but accounted for 70% of the affected individuals (source: ITRC).
Information privacy and security are the responsibility of all Health Affairs faculty, staff, and students. Security breaches are often the result of well-intentioned employees who do not follow secure processes while doing their jobs. As such, it is important to remember the following principle:
Information privacy and security are not just about technology. They are about the way people handle the personal information they collect and store. Protect all personal information as you would like others to protect yours.
Health Information Technology has created a Security Awareness group with representatives from Health Affairs colleges and the MSU HealthTeam. The primary task of this group is to educate users on:
-
All forms of PHI
-
Appropriate use of hard drives
-
Definition of appropriate and inappropriate access
-
Determine best way to balance security and access: physicians accessing their own information
-
Help ensure no sensitive data gets out in appropriately: such as removable disks and e-mail
-
Best practices for hardware
-
Guidance on what to do with unsolicited e-mail from patients
-
Amnesty Day for people to have data on their hard drives moved off or encrypted
This website is an integral part of the effort and a work in progress. Please help us build a more secure computing environment by reviewing and sharing this website with others.