When working remotely, you are responsible for protecting and securing all information including HIPAA protected health information (PHI) in the same manner as if you were working on-site.  All system data, software, and equipment must be properly protected and secured.  Except as necessary, you should not print PHI when working remotely. Any PHI that must be maintained in printed form should be properly secured and should be securely transferred to the workplace for proper storage or destruction as soon as practical.

UCHealth has provided the UCHealth Guidelines for Utilizing Protected Information (“PI”) while working from home

Downloadable PHI Checkout Template

• Zoom
• Teams
• Skype for Business

 If you have questions or a request for a different application for use with telehealth, please visit the OIT Risk and Compliance team’s Application and Cloud Services Assessment Process webpage.

 Avoid potential HIPAA violations with this simple rule…

HIPAA’s “minimum necessary” rule applies when using video sharing technologies such as Zoom, Team and Skype.  So when sharing your screen, DON’T share your whole desktop.  DO share only the application needed.

We have archived the protocols set for the research arm of the University of Colorado School of Medicine.

REMINDER:  UCHealth uses artificial intelligence (AI) to proactively monitor and detect inappropriate access to PHI in Epic. 

U.S. Food & Drug Administration: Coronavirus Disease 2019 (COVID-19) Overview 

NIST: Preventing Eavesdropping and Protecting Privacy on Virtual Meetings (video 1:07 min)