The ability to download and share your health information offers you unique opportunities to stay in control of your health, but it is also important to keep that information safe.
Who is responsible for protecting my health information?
- physician offices
- health insurance
- a mobile app
- a mobile device, such as a smartphone or tablet
- shared over social media or health-related websites
HIPAA protects health information that is kept by health care providers and health plans. However, there is information not covered under HIPAA which you need to keep secure. The following tips will help keep your health information private and secure.
Types of health information
- Physical records (e.g. paper copies, film, CDs, DVDs)
- Electronic records copied or download to your personal computer, tablet, or other device
- Electronic records kept on the Internet or "in the cloud"
- "Records" you create yourself
Keep important paper records and other physical media like CDs and DVDs
in a locked filing cabinet or fire safe, and keep the key separate from the
Don't keep unnecessary copies. For example, if you print out an extra copy of
a record to use during a phone conversation, lock it away or destroy it after
- Avoid keeping written copies of passwords.
If you have a Flash drive or hard drive with private records, detach it from
your computer when not in use to prevent unauthorized access. Consider
storing the drive in a fire safe.
General computer and network security
- Turn your computer off when not in use.
- Create a password for your WiFi network, or use software to segment your
- WiFi network to prevent guests from accessing other computers and devices on the same network.
- Do not join unfamiliar or untrusted WiFi networks.
- If you have a Flash drive or hard drive with private records, detach it from your computer when not in use to prevent unauthorized access. Consider storing the drive in a fire safe.
Password and authentication security
- Protect your computer with a password, and require use of the password to start up the computer or wake the computer from sleep.
- Protect your smartphone or tablet with a password or passcode to protect your information even if the devices are lost or stolen. Require use of the password or passcode when starting the device or after short periods of inactivity.
- Choose passwords that are easy for you to remember but difficult for others to guess. Avoid using personal information in passwords like familiar phone numbers and birthdays. In general, a longer password is more secure than a shorter password.