Resource Overview

In order to effectively protect health IT systems, Health Center IT leadership needs to consider not only the physical and technical measures of protection for their site, but also the human and workflow measures required to provide the highest levels of privacy and security available throughout their organization.

Resources provided in this section include a set of curated best practices and gold standards for protecting  and effectively responding to health IT system threats. 

Health IT Privacy & Security Best Practices

Community Health Center Adoption Framework for Electronic Patient Engagement

Methods for deploying more personalized care to underserved populations

HITEQ Center 0 259

The introduction of electronic personal health records (PHR) systems, and the patient portals used to provide patients access to those records, into the fabric of the U.S. healthcare system provides a major opportunity to encourage positive health management practices, such as chronic disease management and increased care plan adherence, through greater engagement of the patient.  

Unfortunately, there is still a broad gap between the effective use of PHR technologies where advanced health information services are perhaps most needed, especially within the underserved communities supported by community health centers. This guide provides health centers with an adoption framework that can be used to assess the goals and methods for deploying electronic patient engagement services.

How to Choose the Right BYOD Security Policy for Your Practice

An Article from the Profitable Practices

Forrest Burnson 0 845

This article from The Profitable Practice provides a breakdown on Bring Your Own Device (BYOD) policy considerations based on the mix of devices your organization is trying to support, the size of your healthcare organization and implementation factors that may have an impact on success.

Mobile Device Security: Managing Cloud-based & Hybrid Solutions in Healthcare Settings

A National Cybersecurity Center of Excellence Practice and Resource Guide

HITEQ Center 0 895

Many times when we think of mobile health it is in the terms of patient engagement and communication, but it is important for Health Centers to also be familiar with privacy and security concerns as it relates to mobile devices used by providers and staff.

The National Cybersecurity Center of Excellence (NCCOE) has recently provided two new resources that cover movile device security and a catalogue of currently known threats. Both items are available for download from the NCCOE website.

How to Establish an Ongoing Security Program and Meet Meaningful Use Requirements for Security Risk Analysis

An SRA brief for Health Centers

HITEQ Center 0 921

In order to comply with the Security Rule of the Health Insurance Portability and Accountability Act (HIPAA), you need to maintain an ongoing security program. The HIPAA Security Rule mandates security standards to safeguard electronic protected health information (ePHI) maintained by electronic health record (EHR) technology, with detailed attention to how ePHI is stored, accessed, transmitted, and audited. This rule is different from the HIPAA Privacy Rule, which requires safeguards to protect the privacy of protected health information (PHI) and sets limits and conditions on the use and disclosure of PHI. 



This resource collection was cultivated and developed by the HITEQ team with valuable suggestions and contributions from HITEQ Project collaborators.

Looking for something different or have something you think could assist?

HITEQ works to provide top quality resources, but know your needs can be specific. If you are just not finding the right resource or have a highly explicit need then please use the Request a Resource button below so that we can try to better understand your requirements.

If on the other hand you know of a great resource already or have one that you have developed then please get in touch with us by clicking on the Share a Resource button below. We are always on the hunt for tools that can better server Health Centers.

Request a Resource  Share a Resource
Search HITEQ Content
Quick Feedback Request
Highlighted Resources & Events
Need Assistance?
Would you like more assistance regarding Privacy and Security strategies or support in using any of the included resource sets?

  Request Support


The Quadruple Aim
Quadruple Aim

A Conceptual Framework

Improving the U.S. health care system requires four aims: improving the experience of care, improving the health of populations, reducing per capita costs and improving care team well-being. HITEQ Center resources seek to provide content and direction aligned with the goals of the Quadruple Aim

Learn More >