How You Use PHI – What’s Acceptable and What’s Not

All UConn Health Workforce members must follow HIPAA rules to keep PHI safe. Just because your job gives you access to PHI, that does not mean you can use it for personal reasons. Knowing what is allowed and what is not is essential.

Acceptable Use

• Accessing and using co-worker PHI only when required to perform work-related duties
• Receiving personal PHI directly from an employee in the course of work-related duties
• Receiving PHI about an employee through HR processes when necessary for work-related purposes

Privacy Violations

• Commenting on a co-worker’s treatment, procedure, or medical condition
• Sharing co-worker PHI with other co-workers or supervisors without a legitimate work-related reason

• Making personnel decisions or taking actions based on information obtained from daily patient reports or co-worker knowledge, not related to work-related duties

Reminder

Co-workers can also be patients; therefore, the use of PHI for non-work-related purposes is strictly prohibited, regardless of intent.

For additional information or inquiries, contact the Office of Compliance and Healthcare Privacy (OCHP).