Recent Michigan Medicine HIPAA Breaches
REMINDER: UMHS Policy 01-04-502, Security of Portable Electronic Devices and Removable Media requires encryption of all devices, including personally-owned laptops, that are used to store, transfer, or access sensitive clinical and research data.
In addition to laptops, this policy applies to all other devices such as:
- Media players
- USB flash drives
- External disk drives
- Memory cards (SD cards)
- CDs, DVDs and other electronic magnetic or optical storage media
It is also the researcher’s responsibility to store sensitive data in appropriate locations based on their research protocol as approved by the IRB. If laptops are not approved to store sensitive research data per the IRB-approved research protocol, then DO NOT store sensitive data on a laptop, whether you own it or if it was issued to you by Michigan Medicine.
Violations of this policy result in disciplinary action, up to and including termination.
Enroll All Your Devices in AirWatch:
Enroll your smartphone, tablet, or personally-owned laptop in AirWatch if you use the device(s) to access or store any sensitive information. AirWatch provides the encryption and security controls that are necessary to ensure your device meets the requirements of UMHS Policy 01-04-502.
AirWatch is supported on multiple platforms, including iOS, Android, Mac, and Windows devices. See the Knowledgebase for more information on supported platforms.
HITS Service Desk staff are available to help you with AirWatch and other encryption-related questions.
- Click the online customer service portal (help.medicine.umich.edu)
- Call the HITS Service Desk 24/7 at 734-936-8000
- Visit one of the walk-in "Help Me Now" sites (michmed.org/HMN-locations)