Epic privacy features expand; self-audit tool to undergo maintenance

When you choose UT Southwestern for your medical needs, you can expect to receive exceptional care. As part of that care, your personal health information remains confidential. Last year, we introduced an enhanced Epic feature, Break the Glass (BTG), to offer added privacy protection for employees receiving outpatient care at UTSW. We are now expanding this feature to include inpatient care, including at William P. Clements Jr. University Hospital, effective May 14.

While we already have strong patient privacy protections in place to meet HIPAA regulations and UTSW policies (including for our employees), BTG provides an extra safeguard in Epic, the health information system we use to organize, store, and share electronic medical records.

This added measure acts as a reminder to Epic users that a legitimate reason is needed to enter patients’ medical records. Before a member of a care team can access an employee’s medical records, a pop-up will require them to submit a reason for accessing the information, and re-enter their password. BTG does not stop an Epic user from accessing a patient’s medical records; it simply acts as a deterrent against inappropriate access.

We are regularly looking to expand privacy protections for our employees’ health information. In order to enhance these protections, the Epic self-audit tool, which allows employees to see who has accessed their medical records in the past six months, will be temporarily going down for maintenance, so we can ensure that it works seamlessly with our other protections in place.

Email the HIPAA Privacy Office if you need additional information or have any questions.