More and more, we not only in the healthcare industry but in general are growing reliant on technology to simplify the work we do and our lives. With it, however, comes a slew of problems in itself which technology has yet to catch up to. That is, securing and protecting information when using mobile devices in healthcare, such as a laptop, cell phone or tablet, to access, transmit, store and receive patient health information.
HIPAA privacy and security rules issued under the Health Insurance Portability and Accountability Act mandates national standards for protecting Patient Health Information(PHI). These rules protect against unauthorized use and disclosure and safeguards for the confidentiality, integrity, and availability of electronic PHI.
As such, Healthcare institutions that are HIPAA covered entities must take steps to protect the privacy and security of their patient’s PHI. So, whether you are a doctor practicing on your own, or in a hospital setting, or in a group practice, or you are a healthcare professional such as a nurse, therapist, home health aid, or you work in a clinic, physician’s office or other healthcare facility you must protect and secure patient’s PHI no matter what kind of technology you’re using.
Before you use a mobile device to access, transmit, receive or store PHI you should educate yourself and staff on the risks of using it, and learn about the safeguards you can put in place to minimize risks. This includes:
- Losing the device – untargeted loss of device
- Stolen device – targeted loss of device
- Downloading viruses or malware
- Letting people use your mobile device
- Unsecured internet or malware
Understanding the risks involved with using mobile devices in healthcare means that you can create the appropriate policies and procedures to protect your organization from loss of patient data and, worse yet, patient trust.
Hospitals seem to be key targets for cyberattacks after all one hospital can house hundreds of thousands of patient records. Common as they are, breaches shouldn’t be seen as a norm, rather we should learn from each and every cyberattack to safeguard our hospitals.