For mobile devices used by your providers and staff (your mobile endpoints), Michael Goad, for TechTarget, suggests:
1. Ensure devices and data are secure and encrypted … Encrypting mobile data prevents unauthorized access and protects patient information. [Use] strong encryption protocols for … Data transmission and storage … Regularly monitoring systems for potential security issues, OS patching and updates.
   Enhanced security and networking policies and tools to prevent malicious attacks.
2. Implement strong authentication controls … so unauthorized users cannot access confidential data.
3. Establish clear device usage policies … Provide specifics, such as who can access these devices, how often users must update them and which apps users can install on them.
4. Conduct regular security audits … to ensure that all devices used by staff comply with regulations and relevant policies. A formalized response plan for dealing with potential data breaches is vital as well.
5. Carefully manage applications … ensure that application data is digitally sandboxed to control how data can be accessed, viewed and shared.