Around the Web

5 Steps to Ensure HIPAA Compliance on Mobile Devices

For mobile devices used by your providers and staff (your mobile endpoints), Michael Goad, for TechTarget, suggests:

1. Ensure devices and data are secure and encrypted … Encrypting mobile data prevents unauthorized access and protects patient information. [Use] strong encryption protocols for … Data transmission and storage … Regularly monitoring systems for potential security issues, OS patching and updates.
Enhanced security and networking policies and tools to prevent malicious attacks.

2. Implement strong authentication controls …  so unauthorized users cannot access confidential data.

3. Establish clear device usage policies …  Provide specifics, such as who can access these devices, how often users must update them and which apps users can install on them.

4. Conduct regular security audits … to ensure that all devices used by staff comply with regulations and relevant policies. A formalized response plan for dealing with potential data breaches is vital as well.

5. Carefully manage applications … ensure that application data is digitally sandboxed to control how data can be accessed, viewed and shared.