Support Site for IPPGONLINE.NET

Documentation, Policies, Training Videos and Help Pages for IPPGONLINE.NET

Categories:

No categories

Security Policy

Acceptable Use of IPPG’s IT Facilities

1. Reasons for having this policy
All of IPPG’s IT facilities and information resources remain the property of IPPG and not of particular individuals, teams or departments (Note 1).

Following this policy will ensure that all of IPPG’s IT facilities are used:

Legally
Securely
Without undermining IPPG
Effectively
In the spirit of cooperation, trust and consideration for others

The policy relates to all Information Technology facilities and services provided by IPPG. All employees, contractors and volunteers are expected to adhere to it.

2. Precautionary and Disciplinary Measures

Intentional breach of the policy statements in this section (Section 2) will lead to disciplinary measures that may include suspension or termination.

2.1 Copyright:

Use this software mindfully and legally in accordance with both the letter and spirit of relevant licensing and copyright agreements. Copying software for use outside these agreements is illegal and may result in criminal charges.

2.2 Security:

Do not attempt to gain unauthorized access to information or facilities. It is a criminal offense to obtain unauthorized access to any computer (including workstations and PCs) or to modify its contents
If you don’t have access to information resources you feel you need, contact your IT Manager
Do not disclose personal system passwords or other security details to other staff, volunteers or external agents
Do not use any log-in but your own. Doing so compromises the security of IPPG
If your password becomes known to others, change it immediately. Your IT Manager can assist you (Note 2) with that
If you leave your PC unattended without logging out of Phlebotomy 3.0, you are in breach of our Security Policy and potentially of the HIPAA Security Rules
ALWAYS check external disks, CDs, DVDs and thumb drives for viruses, even if you think they are clean or blank, before inserting such items into a computer when logged in to Phlebotomy 3.0. Contact your IT Manager if you do not know how to confirm these external items are clean

Keep these seven security requirements in mind when utilizing Phlebotomy 3.0. Remember, computer viruses are capable of destroying IPPG’s information resources. It is better to be safe than sorry!

2.3 Information About Patients:

Be sure that you’re not violating any Rights to Privacy laws or HIPAA Rules if you’re recording or obtaining information about individuals. See your IT Manager for more information.

2.4 Responsibility to IPPG:

Ensure that your actions are in the interest (and spirit) of IPPG
Do not leave IPPG open to legal action (e.g. libel)
Avoid trading insults or derogatory remarks with others while using the Internet
Do not write, publish, search for, bookmark, access, or download obscenities or pornography

2.5 Electronic Monitoring:

Any information available within the IPPG network must not be used to monitor the activities of individual staff members in any way (e.g. monitoring one’s work activity, files accessed, website histories, or private files and emails, etc.) without their prior knowledge.

Let it be well known that all computer activity and emails ending in “@ippg.biz” may be accessed by IPPG IT personnel at any time. This is to protect the security of the network, business operations, patient personal information, and any and all proprietary information pertaining to IPPG.

Exceptions to this policy:

The Management Team can provide the appropriate personnel access to ANY information stored on IPPG computers, workstations, hard drives, etc. if an investigation into a specific allegation of misconduct arises
IT Support may come across some files or documents that it cannot avoid accessing when attempting to solve a computer problem or fix a systemwide bug

If either exception occurs an employee will be immediately notified of the access. They will also be assured that the information revealed will not be disclosed to more people than is absolutely necessary.

If an investigation surrounding alleged misconduct ensues, IT may disable the employee’s access to IT facilities.

3. Email Policy

3.1 Email Use:

Email is NOT secure. Do not disclose identifiable patient information, such as a patient’s full name or medical record number, through email
NEVER send phlebotomy orders via email to anyone. This includes the phlebotomists, long-term care facility users, home health agency users, etc. Any communication involving this type of personal, sensitive information should be done through Phlebotomy 3.0, which is secure
Use email when instant communication is necessary. This saves time and paper, not to mention printing, faxing, photcopying, and shredding resources
Review messages before sending them to ensure accuracy, maintain professionalism and confirm the recipient
Pick up the phone if you do not receive an expedited response to a pressing email. Leave a voicemail if your contact is unavailable
In addition to the phone, post a note on the Campfire Business Chat Service if you have an urgent work-related message, such as a STAT order
Use IPPG’s Campfire Business Chat Service (not email) to communicate all time-critical information that should be disseminated throughout the office
Record information on the Campfire Business Chat Service in a well-structured manner
Use email merely as a pointer to draw attention to new and changed information. Provide links as references whenever possible

3.2 Distribution List Use:

When sending an email, only include those individuals for which the information contained is vital. Do not broadcast (i.e. send the email to large groups of people) your email to multiple recipients unless it contains information that is absolutely necessary to all individuals.
Unnecessary emails (e.g. forwarding funny jokes or videos) are disruptive in the workplace, and often result in reduced computer performance and wasted disk space.
Use the standard aliases (Note 3) for work-related communication only.
If you wish to broadcast non-work-related information or requests (e.g. anything outside the scope of IPPG’s business, job duties or services) you must use a personal Webmail account (Note 4). You can also use a personal email account from home to communicate non-work matters to your fellow employees, but you cannot use your standard (work) alias.
Keep IPPG’s internal email aliases internal. If you are sending an email to both an IPPG alias and an alias unrelated to IPPG, place any non-IPPG aliases under the blind carbon copy (i.e. the BCC address option) field to protect the company’s internal aliases.
Don’t broadcast emails with attachments to large groups of people. Either provide the link to the file/site in the body of the email, or include the entire document in the email’s body. Attachments put unnecessary strain on the network.

3.3 Tips on Email Use:

Be aware that you are representing IPPG and can be interpreted as speaking on IPPG’s behalf when you publish or transmit information externally. When stating an opinion, make it clear that it is your opinion, and not that of the company’s. If in doubt, consult a manager or refrain from adding your opinion altogether.
Check your inbox regularly during the work day. Keep your inbox clean, removing any junk mail or previously read personal messages to ensure you can easily access the professional communications that require your attention and action.
Act on each email as it’s read. Delete it, reply to it, save it in a folder, etc.
Don’t print electronic communications unless it’s absolutely necessary. This wastes paper and opens your emails up to eyes other than its intended receiver.
Use prefixes in the subject box whenever appropriate (Note 5).
Treat others with respect over email. Do not criticize, argue or publicize your displeasures through email. You are also prohibited from inviting or encouraging colleagues to criticize, argue or publicize their displeasures about fellow employees over email.
Do not forward email warnings about viruses. They are invariably hoaxes. If the system becomes infected by a genuine virus, IT Support will be aware of it. When in doubt, contact IT for advice.

3.4 Email Etiquette

Be courteous. It’s more likely to get you the response you want. Address all recipients by name at the beginning of a message, especially if you are copying others on that email.
Provide concise, easy to understand subject headers for your readers. Do not use ambiguous or non-descriptive subject headers like “Stuff,” “Question” or “Accounts.” Do not send blank or untitled emails.
Keep to one subject per email, especially if the content is complex. It is better for your reader(s) to have several emails on individual issues, which makes them easy to file and retrieve later. Also, one email covering a variety of issues is likely to be misunderstood or ignored.
Placing asterisks at end of a word (e.g. *now*) is common practice for highlighting text.
Words written in ALL CAPS can be used for emphasis, but should be used sparingly as they’re commonly perceived as “shouting.”
Do not open emails that you suspect may contain inappropriate content or viruses. Do not open messages from senders you do not recognize.
Do open “report.doc” attachments if they are from recognizable colleagues.
Do not open “explore.zip” attachments sent from unknown addresses, however tempting. Alert IT Support if you receive any messages like this. It is one of the most effective ways of protecting IPPG against email virus attacks.
Keep email signatures short. Include your name, title, phone/fax and website only.
Understand that if you forward an email as-is, it will appear to the reader that it came from the original sender, not from you. In this way, it’s like passing on a sealed envelope.
If you forward mail that you have edited, added to or altered in any way, it will appear to the reader that it came from you. The original sender’s details will be embedded in the message. This is to show that the original mail is no longer intact (like passing on an opened envelope).

4. Miscellaneous

4.1 Hardware and Software:

All purchases should be approved by the IT or Office Manager, preferably through the IT budget.

4.2 Installing Software:

Get permission from IT Support before you install any software (including public domain software – see Note 6) on equipment owned and/or operated by IPPG.

4.3 Data Transfer and Storage on the Network:

Keep master copies of important data on IPPG’s network, and not solely on your PC’s local C: drive. The network is backed up, your C: drive may not be, and therefore places that data at risk of being lost if the computer is damaged physically or virally.
Ask IT Support for advice if you need to store, transmit or handle large quantities of data, particularly image, audio or video files. They use up disk space very quickly and can bring your network to a standstill.
Be considerate about storing personal (non-IPPG) files on IPPG’s network. (Note 7).
Don’t copy files that are accessible centrally to your personal directory unless you have good reason (i.e. you intend to amend them or you need to reference them and the central copies are to be changed or deleted) since this uses up disk space unnecessarily.

4.4 Use of Facilities for Leisure or Personal Purposes (e.g. sending and receiving personal email, playing computer games and browsing the Internet)

This is not permitted, except during non-working hours (i.e. lunch or breaks), and only if it does not:

incur specific expenditures for IPPG
impact your job performance (this is a subjective matter between each staff member and his/her supervisor)
break the law
bring IPPG into disrepute

4.5 Care of Equipment:

Do not re-arrange the way electronic equipment is plugged in without contacting IT Support first. This includes computers, power supplies, network cabling, etc.
Do not bring food, drink or other liquids into rooms that contain specialized equipment, such as the servers (Note 8). Access to such areas are also limited to authorized personnel.
Use extreme care when eating, drinking or otherwise handling liquids near computer workstations. Spilled liquids can destroy fragile computer equipment.
Avoid eating lunch at your workstation. This is a computer safety issue, as well as a sanitation issue.

NOTES

(1) In-house software: This is software written by staff or volunteers using IPPG’s equipment. It is IPPG’s property and must not be used for any external purpose. Software developers (and students) employed at IPPG are permitted to take a small “portfolio” of such in-house software source codes/executables, which they may have developed, for use in subsequent work, subject to agreement with the IT Manager.
(2) Personal passwords – Disclosure to other staff, volunteers or external agents: This may be necessary in some circumstances. Such a practice is allowed only if sanctioned by a member of the Management Team after discussion with IT Support. If the password is disclosed for a one-off task, the owner must ensure that his/her password is changed (via IT Support) as soon as the task is completed.
(3) Email aliases are pre-defined “shortcuts” for distributing internal email to specific groups of people. IT Support can tell you what these are and how to use them.
(4) Webmail accounts are personal email accounts that are stored on the Internet and can be accessed anywhere with a standard browser. IT Support can help you set up such an account.
(5) Subject box prefixes: They are as follows: “U:” = Urgent, “FYI:” = For Your Information and “AC:” = Action Required. If the email is a very brief message confined solely to the subject line, it should end with the prefix with “**,” which indicates “just read this line.”
(6) Public domain software or Freeware: This is software that is available free of charge, usually by downloading it from the Internet.
(7) Personal Data: As a guideline, keep your personal data down to 10MB. Ten emails require 0.15MB on average (depending on whether they have attachments). A 10-page, word-processed document requires about 0.1MB. Screen saver images require much more disc space and vary greatly, with some requiring as much as 2MB.
(8) Server Workstation: The server work station near the break room contains IPPG’s file server. Keep this area clear of food, water, personal belonging, etc. Keep the back door closed at all times and locked during normal working hours.

By admin 6:36 pm

NOTE: If you are not an employee of Independent Phlebotomy Provider Group or affiliated health care provider or contractor, you are prohibited from sharing, copying, or otherwise using or disclosing any of the information contained within this website.