Encrypt data. Ensure that all your computing devices are encrypted and have operating anti-virus software. Please contact the Help Desk @ helpdesk@umassmed.edu or (508) 856-8643 for assistance.
Limit access to only those that require it and have been identified within an approved IRB protocol.
Conduct periodic access reviews. It is important that regular reviews of access are conducted and individuals no longer requiring access to the data are promptly removed.
Follow Minimum Use guidelines. Only allow access to the minimum datasets required to just those that need it.
Do not e-mail PHI or PII without encryption.
Ensure you have a strong password and change it regularly.
