We all love sticky notes! They come in bright colors, stick to computer screens, and remove easily when you no longer need them.
During a recent HIPAA review of our NOAH health center locations, sticky notes were found being used throughout the clinics. While some notes were handy reminders, many contained sensitive information like patient names, birthdates, MRNs, and even passwords – all posted where patients or other NOAH employees could see them.
Please remember, it is a requirement of HIPAA to protect the privacy of patient health information and even small details jotted down on sticky notes or other papers are in violation.
It is also against NOAH policy and simply not a good idea to store usernames and/or passwords to computers or applications where others can access them. Sticky notes “hidden” under keyboards, in an unlocked drawer, inside notebooks, or other “secret” places do not keep this information secure. If you absolutely must keep usernames or passwords written down, please secure them in a place where only you have access.
We appreciate your commitment to protecting patient and other sensitive information.