GUIDELINES FOR

PROPER HANDLING

OF PATIENT DATA

PROPER HANDLING OF PATIENT DATA

According to Personal Data Protection Act (PDPA), patients data

should be handled carefully

Patient names and identifiers should not be used. Instead, codes

should be used for identification

All files containing patient data must be password-protected

(e.g. Excel files)

All portable storage devices used to store and /or transfer data

must be encryption-enabled

Ensure that office is always under locked and no

outsider/external staff has access right to the office

When leaving work desk for a short period, PC and/or laptop

should always be in “Log off” or “Locked” mode

REMINDER

No video taping or photo taking in

clinical area