In 2012, the Massachusetts Ear and Eye Infirmary was fined $1.5 million when they lost a mobile device containing confidential medical records of their patients. They were not the only ones. The Alaska public health network was also ordered to pay up when they had a similar breach.
Examples of healthcare organizations large and small failing to keep patient information secure and protected continue to dot the landscape. Mobile devices in healthcare continue their upward climb as more physicians and healthcare professionals move towards tablets and smartphones.
Is your healthcare IT support organization talking to you about the importance of safeguarding patient information on your tablet or mobile phone?
Here are three ideas we share with our healthcare IT support clients:
- Focus on the history of the document. Remember paper files? They were not immune to tampering or theft. However as healthcare continues to move toward electronic medical records it is changing the way healthcare professionals interact with documents. Digital files can be easily altered, changed, copied or deleted. It is recommended that tight security controls be placed on all medical documents and also a solution be implemented to ensure all records are synchronized. In addition, tight access controls must be implemented.
- Encrypt everything. Recently two medical facilities had laptops with medical records stolen. One hospice in Idaho was fined for losing 441 records while another facility in Indiana lost 29,000 records. All devices such as laptops, tablets and USB drives can be lost or stolen easily. If data on your mobile device is left unencrypted and unprotected you have a massive HIPAA violation.
- Know what everyone uses and secure everything. Some of your people are diehard Evernote users, some love their Android and other wouldn’t give up their iOS devices. Regardless of the preferred device, information must be secured and access to information must be controlled. Without the proper healthcare IT security knowledge, you can leave yourself open to HIPAA violations and potentially large fines from the HHS.
Thanks to Ryan Kalember, Chief Product Officer of WatchDox, for his expertise in bringing to light the three core focus areas that today’s medical practice needs to focus on to ensure healthcare IT security is properly maintained.
Besides these three core focus areas, we also recommend making sure that the proper healthcare IT security systems are in place. Antivirus, antimalware, spyware and spam filtering solutions are critical.
As your trusted healthcare IT security specialists we can make sure that your medical facility is properly secured and that you have the right healthcare IT support in place.
Call us for a no obligation review of your healthcare IT security and healthcare IT support needs.