Data Security
Microsoft Teams is an effective and convenient tool for communication (i.e., calling, texting, video conferencing, and file sharing) and comes with free HIPAA compliant transcription. Please look at our New Policies to ensure professional relationships with Patients and Research Participants.
Follow our guidance on securing your devices and use approved Data Storage and Research Apps
HIPAA Limited Data Sets or anonymized data (BU Data Classification – Confidential) can be processed on our Shared Computing Cluster (SCC4). SCC staff or the data provider (e.g., BMC Clinical Data Warehouse) can help you limit the data to that allowed by law: dates (e.g., DOB, dates of treatment), city, and zip code. All other identifiers, including email, phone, pic/video of face, medical record # must be removed or left on Restricted Use network drive (e.g., BUMC Y Drive, RU-NAS).
A completely de-identified data set requires removal of all identifiers. See U.S. Department of Health and Human Services, Office for Civil Rights guidance on de-identification.
- If data is completely de-identified it is classified as Public Data.
Jul 2022 Security Reminder – Teams
May 2022 Security Reminder – Sending Patient Data Electronically
Mar 2022 Security Reminder – Reporting An Incident
Oct 2021 Security Reminder – Email Best Practices
Sep 2021 Security Reminder – Phishing
Jun 2021 Security Reminder for HIPAA Contacts – Inventory
May 2021 Security Reminder – Communications with Patients and Research Subjects
Mar 2021 Security Reminder – HIPAA Policies for Healthcare Providers
Feb 2021 Security Reminder-Patient Authorized Services