With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help practice owners maintain the security that they need in order to protect patient information.
Establish a Security Culture
❒ Build a security-minded organizational culture so that good habits and practices become automatic.
❒ Conduct information security education and training frequently.
❒ A practice owner should be the security leader in the practice and set a good example in attitude and action.
❒ Instill taking responsibility for information security as one of your practice’s core values.
Protect Mobile Devices
❒ Ensure your mobile devices are equipped with strong authentication and access controls.
❒ Ensure laptops have password protection
❒ Enable password protection on handheld devices (if available). Take extra physical control precautions over the device if password protection is not provided.
❒ Protect wireless transmissions from intrusion.
❒ Do not transmit unencrypted Protected Health Information (PHI) across public networks (e.g., Internet, Wi-Fi).
❒ Where it is absolutely necessary to commit PHI to a mobile device or remove a device from a secure area, encrypt the data.
❒ Do not use mobile devices that cannot support encryption.
❒ Develop and enforce policies specifying the circumstances under which devices may be removed from the facility.
❒ Take extra care to prevent unauthorized view of the PHI displayed on a mobile device.\
Hopefully, this information will provide some simple security tips in order to prevent a violation and/or security breach which can devastate a practice.
Author(s)
