With the use of mobile devices on the rise, security is a hot topic in the HIPAA world these days. Recent fines of $1.5 million were imposed on a Massachusetts’s infirmary and another $1.7 million on an Alaska-based medical facility for failing to protect PHI on unencrypted laptops/storage devices. It is imperative that medical practices face-the-fact that having a mobile risk management strategy to protect themselves is vital. A mobile risk management strategy is defined as a set of guidelines that help businesses determine the risks that come with using mobile devices and provides steps to lessen the likelihood of breach occurrence.
These cases prove that even relatively small HIPAA breaches can lead to big fines. But less than half of IT executives have a formal mobile device management strategy in place. Bob Violino with Computerworld says that it is not only important for small medical practices to have mobile device management strategies in place but also for associated vendors as well. He says that technology plays a huge role in helping IT departments manage devices and maintain security. Organizations rely heavily on systems such as BlackBerry® Enterprise Server, Microsoft Exchange Server and mobile device management technology from AirWatch to safeguard mobile devices such as Apple® iPads and iPhones, Android™ smartphones and RIM BlackBerries. In addition to deploying security technologies, companies are developing policies on appropriate use of mobile devices. Click here to read the full story.
To avoid an incident at your own organization, continuously monitor safeguarding policies and procedures, train employees, update equipment and keep up on current government rules and regulations. Our Experts at Dexcomm suggest:
- Identify your risk for threats and breaches
- Utilize data backup strategy
- Understand what HIPAA considers to be a mobile device
- Proctect your organization with a mobile device policy
