Lost or stolen laptops with unencrypted patient data are responsible for the majority of data breaches. Securing data on mobile devices is crucial in building a strong data security program. Follow these essential steps to protect ePHI on laptops, smartphones, tablets, etc.
2. Major cause of patient data breach
Lost or Stolen Laptop with Unencrypted Data
3/10/2014 www.kinarainsights.com 2
3. Best way to prevent data loss…
Don’t store any patient data on your mobile device
but…..
4. Easier said than done!
Why?
Because…..
5. Data could be anywhere…
Emails, Documents, Texts, Images, Apps, Spreadsheets
6. Really bad if lost
7. Hence the need to protect it!!!
8. 10 Steps to protect PATIENT DATA on a mobile device
9. 1. Use a STRONG password
6-8 characters (letters + numbers + CAPS + symbols)
Make it difficult to guess
That’s the point!!!
10. 2. Encrypt the Data
This scrambles the data so that only an authorized user who knows the password (key) can gain access
Patient info → #s%s*d##fsa
11. 3. Enable device tracking software
O Laptop, O Laptop, wherefore art thou Laptop?
Locate your mobile device if it's lost or stolen
Remotely trigger an alarm to sound from the device
12. 4. Install / Activate remote data wiping and device locking capability
You can have my device, but you can’t get my data too!!!
Ok, done with the clichés!
13. 5. Do not install or use file sharing applications
File sharing software, also called peer-to-peer software, allows the data or files on your computer to be accessed by another computer over the internet
Prevent easy sharing or viewing of your files without your knowledge
14. 6. Install security software
Security threats are constantly changing. New viruses are created every day
Keep your laptop or mobile device up-to-date with the latest security updates
15. 7. Research mobile applications before downloading
Check out reviews of the mobile app before downloading it on your device. Many apps create problems after installation
Free apps are free for a reason. They want your data!
16. 8. Use adequate security to send or receive confidential information over public Wi-Fi
Public Wi-Fi is not secure: it leaves your device unprotected against malicious users on the same public Wi-Fi
Use a virtual private network (VPN) if you really need to access confidential data
Avoid accessing sensitive data over public Wi-Fi
17. 9. Delete all stored health information before discarding the mobile device
Clearly outline the procedure for device disposal
Ensure that all data is deleted before upgrading to a new device or recycling it
Check, check and check again!!!
18. 10. Implement mobile device usage policies & train staff in HIPAA compliance
Policies need to be clear and well documented. People are the weakest link in the security chain!
Implement a sanction policy that clearly spells out the consequences for non-compliance
Regular staff training on secure technology usage is the key
19. THANK YOU
Sameer Sule
Healthcare Technology Consultant / Speaker
Author: Protecting Electronic Health Information: A Practical Approach to Patient Data Security in Your Healthcare Practice
Amazon: http://www.amazon.com/author/sameersule
Blog: http://www.kinarainsights.com/blog.html
Connect with me:
LinkedIn: http://www.linkedin.com/pub/sameer-sule/7/b1b/511
Twitter: @sameersule