February 22, 2019
At least 80 percent of Americans use smartphones and/or tablets, creating a digital frontier that is rife with cybercriminal activity. Worse, healthcare workers are subject to special risks of HIPAA violation if they use their devices to store or transmit protected health information of patients or access their hospitals’ networks, EHRs, and other computer systems. Cybercriminals now target mobile devices almost as much as desktops… IOS, Android, it doesn’t matter…and too many users do not use preventative measures that they take for granted with their desktops. In this post, we discuss the security risks of mobile device usage and offer a simple, informative new downloadable infographic learning tool suitable for printing and posting in your workplace.
Hostile intruders into our mobile devices use many methods to steal data, hijack core functions, introduce malicious adware, spy on our activities and even threaten us through ransomware. In addition to loss and theft of our devices, damage can be caused by our own missteps: poor authentication, lack of email encryption, use of unsecured Wi-Fi networks, careless updating of outdated operating systems, and sharing our mobile devices with others. No one wants to experience theft or damage of his or her private data. Of even greater concern in healthcare is loss or theft of HIPAA protected health information (PHI), which can lead to compromise of patient privacy and federal fines. Sending PHI to the wrong patient or another contact, using personal email accounts to discuss PHI, texting PHI, posting PHI on social media or leaving informative Dropbox folders open are obvious no-nos — but they happen.
Using a dedicated healthcare office-only mobile device is ideal for enabling maximum PHI data security. This typically requires that the device is dedicated to just one — maybe two — apps to access or communicate patient data in any way, and requires that the user has no ability to install apps, connect to the Internet, access device settings, and make or receive calls outside of those apps. Sounds great. But does this mean an on-call physician must carry two smartphones on weekends — one for work and one for personal use? Probably. Do most physicians do this? Probably not.
Without trying to solve this problem, let’s focus on how mobile users can address the most common risks to data security — many of which may be surprising.
We’ve developed a new, authoritative infographic that provides straightforward solutions to mobile device security risks. It’s available as an attention-getting high-resolution poster that you can download, print and post in lunchrooms and department bulletin boards. It’s yours by clicking below.