With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help a practice owner maintain the security that they need in order to protect patient information.
Establish a Security Culture
❒ Build a security-minded organizational culture so that good habits and practices become automatic.
❒ Conduct information security education and training frequently.
❒ A practice owner should be the security leader in the practice and set a good example in attitude and action.
❒ Instill taking responsibility for information security as one of your practice’s core values.
Protect Mobile Devices
❒ Ensure your mobile devices are equipped with strong authentication and access controls.
❒ Ensure laptops have password protection
❒ Enable password protection on handheld devices (if available). Take extra physical control precautions over the device if password protection is not provided.
❒ Protect wireless transmissions from intrusion.
❒ Do not transmit unencrypted Protected Health Information (PHI) across public networks (e.g., Internet, Wi-Fi).
❒ Where it is absolutely necessary to commit PHI to a mobile device or remove a device from a secure area, encrypt the data.
❒ Do not use mobile devices that cannot support encryption.
❒ Develop and enforce policies specifying the circumstances under which devices may be removed from the facility.
❒ Take extra care to prevent unauthorized view of the PHI displayed on a mobile device.\
Hopefully, this information will provide some simple security tips in order to prevent a violation and/or security breach which can devastate a practice.
Stuart J. Oberman, Esq. handles a wide range of legal issues for the chiropractic profession, including: employment law, cyber security breaches, practice sales, real estate transactions, lease agreements, OSHA compliance, chiropractic board complaints, and professional corporations.
For questions or comments regarding this article please call (770) 554-1400 or visit www.obermanlaw.com
If you would like Stuart J. Oberman, Esq. to speak at an event, please contact Katharine Drum, Marketing Coordinator (email@example.com).