Saturday, May 10, 2008

Loss of USB in hospital

I find this really cool! Do other universities respond to such news and write a warning and reminder letter to their students? Or are they coerced by the media and Hospital Authority (HA) to do so?


Dear Colleagues and Students,


With reference to recent incidents of personal data leakage from public hospitals owing to loss of portable electronic storage devices by their staff, we would like to gently remind all of you to take effective measures to protect patient/client information from unauthorised access or loss. Patient/client information should be treated as confidential or sensitive information, and include those on electronic files in computers or storage devices, printed out in hard copy, or existing in any other format.



Here are some general guidelines on the protection of information:



1. Access to confidential or sensitive information should be granted on a restricted or, if required, a need-to-know basis.



2. Avoid unnecessarily accessing, downloading or making copies of confidential or sensitive information from electronic administrative systems to your personal computer or electronic storage devices or for hard-copy printing. If such action is necessary, please delete the information from your personal computer or electronic storage devices or destroy the papers immediately after use. Do not recycle the papers.



3. Avoid moving confidential or sensitive information out of clinical units unless it is necessary, approved and related to the authorised staff member's/student's work. It is recommended that logs be kept of the details of such movement of information for tracking purposes. For hard copies containing confidential or sensitive information, please ensure that the transporting of the papers and their destination are secure and safe.



4. It is recommended that password security methods be used to protect all computers and electronic storage devices, and password/encryption methods be used for important electronic files, especially those that contain confidential or sensitive information.



5. Use a password-protected screen saver to prevent unauthorised access to your personal computer.



6. If you plan to be away from your work area for even a second, do not leave confidential or sensitive information out in the open or where it can be easily accessed electronically. All electronic files containing confidential or sensitive information should be closed, and you should log off your access to all electronic administrative systems. All electronic storage devices, hard-copy documents and other formats that contain such information should be secured in a safe place.



7. All confidential or sensitive information should be deleted/destroyed when no longer required for the purpose of usage or legitimate records management.



For further information about information security, please visit the website of the Office of the Privacy Commissioner for Personal Data, Hong Kong SAR:

http://www.pcpd.org.hk/english/ordinance/ordglance.html



Thank you for your attention.



Faculty of Health and Social Sciences

1 comment:

Hiu Yeung said...

aiyo you know why or not! recently there has been a lot of cases of leakage of classified info in HK... including confidential arrival/departure information from the customs and apparently one of the banks as well (HSBC I think?). that's why... and must be coerced by the HA to do so one...