Overview
This guide focuses on how to properly access, use, and protect sensitive data like patient records, internal communications, and employee information.
What Is Considered Sensitive Data?
- Electronic Medical Records (EMR)
- Patient demographics or contact info
- Lab results, prescriptions, and imaging reports
- Staff HR files
- Internal emails containing confidential discussions
Accessing Sensitive Data
✅ Only access data required for your role
✅ Use secure systems (e.g., EMR, internal portals)
✅ Always log in using your own credentials
Storing & Sharing
- Never download sensitive files to personal devices
- Use approved HealthCompany storage (e.g., secure shared drives or systems)
- Emailing patient info? Use encrypted, approved email services only
- Do not write patient data on paper unless strictly necessary
When Working Remotely
- Use a HealthCompany-issued laptop or secure virtual desktop
- Connect using VPN at all times
- Avoid working in public spaces where screens can be seen
Breach Reporting
If you suspect data has been accessed, lost, or shared improperly:
- Report immediately via the Help Center > Report a Security Concern
- Provide as much detail as possible
- Our Privacy & Security team will begin investigation within 24 hours
Failure to follow these policies may result in disciplinary action, including access restrictions or termination.