5.2 - Information Technology Policies, Standards, and Guidelines

All electronic records are the property of the College.  Every effort should be made to ensure the security and privacy of these records. All workforce members must follow HIPAA and OUHSC HIPAA policies to safeguard PHI. When a user steps away from a display containing protected health information (PHI), the screen must be secured by locking the screen or logging off.  Minimizing the screen is not an acceptable method to maintain security.

References:

Safeguards - Administrative and Physical

Safeguards - Technical

Workstation Policy

Electronic devices including laptops, I-pads, tablets and cell phones must be encrypted in order to access PHI on a portable electronic device. This encryption process is established by Central Information Technology for the Health Science Center campus.

Resource: https://itsupport.ou.edu/TDClient/30/Unified/KB/ArticleDet?ID=3016

Link to: College of Dentistry Computer Requirements

Copying, storing, and/or providing transport of digital material in a manner that violates the copyright associated with the digital material on or with any University information system resources is strictly prohibited.

Resource: https://it.ouhsc.edu/policies/documents/infosecurity/Digital%20Copyright%20Policy.pdf

• Protected Health Information shall not be posted on social media sites, such as Facebook or Twitter.  University Personnel should keep in mind that even if a patient’s name is not posted, if the patient could reasonably be identified, alone or with information obtained from other sources, the information is considered Protected Health Information.  
• Do not post photos or x-rays of patients.
• Do not text photos or x-rays of patients.
• Sensitive or proprietary information MUST NOT be shared.
• Activity on social media should remain personal in use only.
• Use personal email account for registration.
• Personal social media relationships with patients, patient family member, etc. are prohibited.
• Remember that content is subject to interpretation.
• Report unprofessional content to the COD Director of Compliance.
• OUHSC email policies apply to files shared over social media
• TikTok
  • In compliance with the Governor’s Executive Order 2022-33, effective immediately, no University employee or student shall access the TikTok application or website on University-owned or operated devices, including OU wired and wireless networks. As a result of the Executive Order, access to the TikTok platform will be blocked and cannot be accessed from the campus network.
• Resources:

  •  http://it.ouhsc.edu/policies/

  • Social Media & Networking Policy and Standards (oklahoma.gov)