Privacy and Security Strategies and Methods for PEMS Customer level Information.


38 views
Uploaded on:
Description
c. Versatile Electronic Records customer level information that is put away on convenient electronic gadgets, for example, a ... Electronic records put away on a PC hard-commute can be kept ...
Transcripts
Slide 1

Privacy and Security Policies and Procedures for PEMS Client-level Data An Overview for PEMS Users

Slide 2

How to explore this presentation To move from slide to slide, either tap the left catch of your mouse or utilize the look on your mouse Throughout this presentation, you will see puts that say "click here " keeping in mind the end goal to see more data on a theme. When you come to one of these spot, click on the word " here " with your mouse and that will convey you to another slide Somewhere on the slide you have been conveyed to, you will see the word " back " Move your mouse around over the word " back " until the bolt turns into a hand, and afterward tap the left mouse catch on " back " . Make sure just to click with the hand. In the event that you click with the bolt rather than the hand, you will be conveyed to the wrong slide.

Slide 3

What is ?

Slide 4

What is PEMS? PEMS remains for the Program Evaluation and Monitoring System PEMS is a web program based programming for information passage and reporting If an organization gets subsidizing from the Centers for Disease Control (CDC) for HIV aversion programs, that office should gather information for PEMS There are two sorts of information to be gathered: Data that depicts a project being financed Data that portrays the customers being served

Slide 5

Becoming a PEMS User

Slide 6

Becoming a PEMS User A PEMS client is a staff part who will have entry to PEMS customer level information for the motivations behind gathering, handling or dissecting that information 2. With a specific end goal to be approved to be a PEMS client, you should do the accompanying: Sign a classification explanation. Click here Sign an announcement of affirmation and understanding of the PEMS privacy and security arrangement. Click here Take the PEMS Confidentiality and Security Quiz, and audit the right responses to guarantee you see any mistakes ( you should give every one of the three of these archives to your manager )

Slide 7

PEMS Client-Level Data

Slide 8

PEMS Client-Level Data is: Information that is gathered around a specific customer while the customer is selected in your project For the reasons for PEMS, this information could be: a. Client demographics –, for example, the race, ethnicity, sexual orientation or year of birth of the customer b. Client hazard practices –, for example, whether the customer has engaged in sexual relations or utilized infusion drugs amid a specific timeframe The official meaning of PEMS Client-Level Data for the motivations behind this strategy can be seen by clicking here

Slide 9

PEMS Client-Level Data is: 4. PEMS customer level information records can comprise of either: a. Paper Records – customer level information that is on an information accumulation structure for instance b. Electronic Records – customer level information that is put away electronically (on a PC in all probability) c. Portable Electronic Records – customer level information that is put away on versatile electronic gadgets, for example, a portable PC, blackberry and so on., or on removable stockpiling media, for example, a diskette or CD and so on

Slide 10

PEMS and Confidentiality

Slide 11

PEMS and Confidentiality After realizing what PEMS Client-Level Data is, you can perceive how it could be conceivable to utilize this information to recognize a specific customer For this reason, it is critical that this information be kept private keeping in mind the end goal to secure customer protection. Click here to see the meaning of secrecy The archive which these slides compresses contains strategies to guarantee that we are all ensuring the Client-Level information that is gathered for PEMS

Slide 12

Securing PEMS Client-Level Data

Slide 13

Securing PEMS Client-Level Data When customer level information is not being utilized, it must be put away in a secured zone. A secured territory is a bolted file organizer or other bolted container inside a room that has floor-to-roof dividers and an entryway with a lock For the reason for discussing customer level information, a secured zone would simply be a room with floor-to-roof dividers and an entryway with a lock Secured Areas must be bolted when the PEMS client is not present

Slide 14

PEMS Client-Level Data in a Secured Area

Slide 15

PEMS Client-Level Data in a Secured Area: Passwords/keys and so forth As a PEMS client, you are in charge of ensuring any keys, passwords/codes or electronic gadgets that would give a man access to PEMS customer level information. These must be kept in a bolted area If you find that a secret key has been stolen or ended up known not individual, inform your boss promptly. This would be a security break

Slide 16

PEMS Client-Level Data in a Secured Area: Computers If customer level information is put away on a PC, the PC should: a. Have a programmed screen saver lock with a 15 minute or less actuation time b. Be watchword secured (you require a username and secret word to open the screensaver) c. Be bolted at all times when not being used d. Be situated in a secured zone e. Be ensured by surge silencers and crisis battery energy to anticipate information misfortune if there should be an occurrence of influence variances

Slide 17

PEMS Client-Level Data in a Secured Area: Visitors If a man who is not a PEMS client is in a secured zone, they should be went with at all times, and customer level information must be expelled from perspective Regular support faculty must sign a classification proclamation before being admitted to a secured zone

Slide 18

PEMS Client-Level Data in a Secured Area: Leaving If you are leaving a secured territory for a brief time (under 30 minutes) Client-level information records must be turned face-down on office surfaces Computers putting away customer level information records must be bolted 2. In the event that you are leaving a secured zone for quite a while (over 30 minutes) Client-level information records must be come back to their bolted file organizer or container Computers putting away customer level information records must be bolted

Slide 19

PEMS Client-Level Data in the Field

Slide 20

PEMS Client-Level Data in the Field: Collecting Data If you are in the field and need to gather customer information from a customer verbally you should: Make beyond any doubt an entryway can be shut Make beyond any doubt you are separated from everyone else in the room with the customer or that lone PEMS clients are available If you are in the field and a customer will finish a customer level information shape exclusively you should: Assure that you are in a room with an entryway Do your best to respect customer solicitations to finish a structure in a more private area

Slide 21

PEMS Client-Level Data in the Field: Handling Data When you have customer level information records in the field: Keep records in a manila envelope that is fixed and checked "secret" or in a bolted portfolio Do not leave records unattended Do not keep records overnight (aside from with earlier endorsement from the PEMS System Administrator – click here ) Encrypt versatile electronic records. Click here for a meaning of encryption

Slide 22

PEMS Client-Level Data Retention and Disposal

Slide 23

Client-Level Data: Retention and Disposal Paper customer level information records: You should keep these records for a long time from the date that they were made After that point, they should be machine destroyed Portable electronic records: You ought to just keep these records for whatever length of time that it takes to finish the errand that they were made for After that point, plates and other stockpiling media must be disinfected Electronic records: Electronic records put away on a PC hard-drive can be kept uncertainly Before you dispose of a PC that has customer level information put away on it, or provide for somebody who is not a PEMS client, the hard drive must be purified

Slide 24

Transmitting Client-Level Data

Slide 25

Transmitting Client-Level Data: Mail, Email When transmitting customer level information utilizing the U.S. Mail you should: Place information in an envelope stamped "secret" Address the envelope to the PEMS System Administrator (see pg.10 of the strategy for the location) Email You should NOT send customer level information through email The exemption to this is the arbitrary referral code – for this situation you should utilize the privacy notice on pg.10 of the approach

Slide 26

Transmitting Client-Level Data: Fax You should not fax customer level information unless you have earlier approval from the PEMS System Administrator Fax machines being utilized must be situated as a part of secured zones After guaranteeing these two things, you should do the accompanying when faxing: Use a coversheet with the classification notice on pg.10 of the arrangement Call the individual the fax is going to before you send it keeping in mind the end goal to let them know Confirm and re-check the fax number on the perspective screen Call the individual you sent the fax to so as to confirm that they got it If information was not got endeavor to recover it

Slide 27

Printing and Photocopying Client-Level Data

Slide 28

Printing and Photocopying Client-Level Data Both printers and scanners must be situated in secured regions To print or photocopy: Wait by the machine until the employment is finished Do not print or photocopy if there are individuals in the territory who are not PEMS clients

Slide 29

Verbal Discussion about Client-Level Data

Slide 30

Verbal Discussion about Client-Level Data Do not talk about customer level information with any individual who is not a PEMS client Do not examine customer level information when non-PEMS clients might have the capacity to catch When examining customer level information on the phone: Only do as such with recognizable PEMS clients or a referral office Only do as such inside a secured region Attempt to keep non-PEMS clients from catching

Slide 31

PEMS User Responsibilities

Slide 32

PEMS User Responsibilities As a PEMS client, you have the accompanying obligations to dodge a rupture of privacy: (Click here to see the meaning of a break) Adhere to strategies in this archive to guarantee secrecy of customer level information that you work with Do not get to customer level information that is not important to carry out your occupation Do not uncover any customer level information to non-PEMS clients Challenge unapproved clients

Recommended
View more...