Special Report on Protecting Patient Health Information During the COVID-19 Pandemic [open pdf - 2MB]
From the Document: "As the DoD continues to support the Nation in treating COVID-19 [coronavirus disease 2019] cases around the world, it is imperative that personnel working in military medical treatment facilities (MTFs) renew their efforts to protect controlled unclassified information, including patient health information (PHI) and personally identifiable information (PII). PHI is a subset of PII, and if obtained, can be used to steal identities and reveal the health conditions and medical diagnosis of a patient. As the Nation's COVID-19 cases continue to increase and the DoD works diligently to care for the sick, the DoD must ensure that controls are in place to not only protect patients, physicians, and nurses from further spreading the virus, but also protect the sensitive and personal data collected from those individuals from unauthorized access and inadvertent disclosure. Because MTFs use different methods to collect patient data, such as in-person and virtual triage, continuing to exercise due diligence to protect patient data is needed now more than ever with the increased patient loads at MTFs and alternative care facilities the DoD is helping to build and operate. The DoD Office of Inspector General (DoD OIG) recognizes that MTFs are seeing and treating patients at increasing rates. The DoD OIG is providing this document to share lessons learned and best practices that we identified during our previous work related to the security and protection of PHI at MTFs."
Department of Defense, Office of the Inspector General Report No. DODIG-2020-080
Department of Defense Office of the Inspector General: https://www.dodig.mil/