Securing personal health information (PHI) can be a meticulous task inside your organization’s firewall. With restrictions now in place forcing teams to work remotely, many for the first time, and with unfamiliar technology, it’s more critical than ever that we batten down the hatches.

PHI can include physical records, electronic records or spoken information. Think medical bills, lab test results, health records and histories anything that includes a personal identifier. These types of data are highly sought after on the dark web, posing a critical need for strict policies and practices.

Staying vigilant applies to remote workers with company equipment as well as personal hardware. If you rely on third-party vendors to manage billing, medical records, precertification, quality reviews or the like, ask if measures are in place to combat hackers and breaches in this new environment.

In the meantime, here’s a customizable Remote Working Obligations template to help you think through safeguards. There is no such thing as too much cybersecurity.

Remote technology doesn’t have feel like we’re playing tin-can telephone (as nostalgic as that sounds). But we do need to play intelligently.

Our warmest wishes to all for staying healthy and safe.

Barry S. Herrin, JD, FAHIMA, FACHE, is the founder of Herrin Health Law, P.C., in Atlanta, Ga. Herrin offers more than 30 years of experience practicing law in the areas of healthcare and hospital law and policy, privacy law and health information management, among other healthcare-specific practice areas. He is a Fellow of the American College of Healthcare Executives and a Fellow of the American Health Information Management Association. He also holds a Certificate in Cyber Security from the Georgia Institute of Technology. Reach him at 404-459-2526 or