Safeguard Confidential & Sensitive Healthcare Information: PHI/EPHI, PII & Business Records

Date/Time: 10/19/2022, 12:00 pm - 3:00 pm

Provider: FHPCA

Map Unavailable

Protect your patients! Learn strategies and best practices for the creation and implementation of a comprehensive policy regarding confidential and sensitive information.


Discover how to distinguish sensitive information from confidential data. Recognize the differences between records and non-records. Implement privacy dos and don’ts and train employees, including remote staff, to adhere to policies and procedures.
  • Manage onsite, remote, and hybrid employees’ onsite and online content, use, and records
  • Maintain business records and confidential and sensitive information compliantly
  • Write, implement, and enforce best practices-based policies and procedures (P&Ps) governing confidential and sensitive information, business records, and e-business communications tools
  • Establish content and records rules for email, text, mobile devices, social media, Zoom, Microsoft Teams, Slack, web, and other electronic tools
  • Recognize confidential and sensitive information risks, rules, and requirements
  • Distinguish between business records and non-records
  • Define and safeguard HIPAA’s 18 identifiers, PHI, EPHI, PII, and ESI
  • Adhere to HIPAA’s privacy and security rules
  • Apply P&Ps to preserve, protect, produce, and purge all important business records
  • Support P&Ps with comprehensive employee training and best-in-class technology tools
  • Apply best practices, expert advice, sample policies, and legal/regulatory compliance tips



Privacy laws and HIPAA require healthcare companies to respect and protect the privacy of the organization, employees, patients, job applicants, and other internal and external parties. To that end, mandatory rules must be established and enforced for the acquisition, use, transmission, disclosure, retention, and deletion of confidential and sensitive information, including protected health information (PHI/EPHI), personally identifiable information (PII), and business records. Noncompliance and security breaches could result in HIPAA audits, litigation, civil and criminal penalties, monetary fines, disgruntled patients, lost revenues, ruined reputations, and blemished brands.
This webinar will provide strategies and best practices for the creation and implementation of policies and procedures governing confidential and sensitive information, records retention, and electronic business communications tools. It will distinguish inconsequential data from confidential and sensitive information and explain the difference between records and non-records. Participants will learn how to apply privacy dos and don’ts and train onsite, remote, and hybrid staff to adhere to P&Ps. Attend this jam-packed program to minimize risks, maintain information integrity, and maximize compliance.
Bonus: You will receive two professionally written policy samples, Confidential & Sensitive Information Policy for the Healthcare Industry and Record Retention Policy for the Healthcare Industry, which can be used immediately.



This informative session is a must for records management staff, human resources personnel, training coordinators, IT staff, managers, administrators, and all legal, compliance, privacy, and information governance teams.


  • Sample policy: Confidential & Sensitive Information Policy for the Healthcare Industry
  • Sample policy: Record Retention Policy for the Healthcare Industry
  • Training log
  • PDF of slides and speaker’s contact info for follow-up questions
  • Attendance certificate provided, however there are no pre-approved CEs associated with this webinar

Presented By

Nancy Flynn,

Nancy Flynn


Register/Additional Information