With the risk of a cyber-security breach increasing on a daily basis, below are some tips that will help practice owners maintain the security that they need in order to protect patient information.
Establish a Security Culture
❒ Build a security-minded organizational culture so that good habits and practices become automatic.
❒ Conduct information security education and training frequently.
❒ A practice owner should be the security leader in the practice and set a good example in attitude and action.
❒ Instill taking responsibility for information security as one of your practice’s core values.
Protect Mobile Devices
❒ Ensure your mobile devices are equipped with strong authentication and access controls.
❒ Ensure laptops have password protection
❒ Enable password protection on handheld devices (if available). Take extra physical control precautions over the device if password protection is not provided.
❒ Protect wireless transmissions from intrusion.
❒ Do not transmit unencrypted Protected Health Information (PHI) across public networks (e.g., Internet, Wi-Fi).
❒ Where it is absolutely necessary to commit PHI to a mobile device or remove a device from a secure area, encrypt the data.
❒ Do not use mobile devices that cannot support encryption.
❒ Develop and enforce policies specifying the circumstances under which devices may be removed from the facility.
❒ Take extra care to prevent unauthorized view of the PHI displayed on a mobile device.\
Hopefully, this information will provide some simple security tips in order to prevent a violation and/or security breach which can devastate a practice.
Author(s)
Stuart J. Oberman, Esq.
Stuart J. Oberman is the founder and President of Oberman Law Firm. Mr. Oberman graduated from Urbana University and received his law degree from John Marshall Law School. Mr. Oberman has been practicing law for over 30 years, and before going into private practice, Mr. Oberman was in-house counsel for a Fortune 500 Company.
Read More =>