Information security is a team effort requiring each of us to make careful choices.
Our work exposes us to a lot of private information about the people we support. Whether it’s data recorded in Therap about goals, medications, or dietary requirements, or information you share with a coworker about the care of an individual over email, our work routinely touches Protected Health Information. Access to PHI is required for the agency to operate, and the federal government allows access if we follow specific rules and will penalize us if we do not comply. While it may seem to go against common sense to say that something is a team effort requiring individual choices, it is important to remember that your bad choices may not only compromise the PHI of a single person, but also the ability of you and your coworkers to make a living.
Information security is not just using complex and unique passwords or pass phrases which you change on a regular basis, rather, it is a security mindset about how we conduct ourselves when in contact with PHI. This mindset requires that we be skeptical about email we receive from people we do not know, question an attachment sent by an account that looks like it may be from someone we do know, that we question each and every system prompt requesting that we type our username and password, that we pause and think before responding to an email with inflammatory language, that we take steps to examine the links that come up in our web searches, and so forth. Here are some links to help you become an effective member of our information security team here at Saratoga Bridges: