Maintaining Security of Confidential Information in Email
ITS would like to remind you about the importance of keeping Confidential Information within our organization. It is extremely important to make sure you do not send any of the following to email addresses except those ending with MED.CORNELL.EDU or NYP.ORG:
1. Patient billing or medical records
2. Student records
3. Financial data, including Payment or Credit Card information
4. Employment records
5. Research data involving human subjects
6. Social Security Numbers
Please be sure to check the email addresses you are sending Confidential information to. If you send Confidential information to an external address you may receive a notification from ITS Security reminding you to use alternative sources to transfer such information.
Safer Alternatives to Email:
- For Provider-Patient Communication: Use the Weill Cornell Connect messaging feature, which provides encrypted communication between providers who are using Epic and their patients. (https://mychart.med.cornell.edu/mychart/faq.asp)
- Use the Transfer Service to Send Confidential Information: If you have a valid business reason to send Confidential data outside of WCMC and NYP, please use the Transfer service, which provides better security. (http://transfer.med.cornell.edu)
Questions? Concerns? Please visit http://weill.cornell.edu/its/policy for more information on our policies. We will be actively updating you on changes to our policies so that you are informed about how to protect the Confidential data you are responsible for.
Thank you.
If you have any questions, comments, or concerns about this information, please contact the ITS Service Desk at 6-4878, or support@med.cornell.edu.