As the world of healthcare evolves, more and more healthcare providers are turning to mobile devices in their practice. If you are a covered entity, you are responsible for complying with HIPAA regulations for securing private patient information, including when using mobile devices.
Here are some guidelines to ensure security while using mobile devices:
- Before allowing the use of mobile devices, decide whether they will be used to access, retrieve, or store patient data or as part of your organizations internal EHR system.
- Think about the threats that mobile devices pose to the confidential patient information your organization holds.
- Identify a risk management strategy for mobile devices. Evaluate and maintain the safeguards your organization has in place for mobile devices.
- Develop, document, and implement a policy for your organization regarding safeguarding private health information. First Healthcare Compliance provides a sample policy for the use of mobile devices to all clients.
- Conduct ongoing privacy training for mobile device users in the workplace.
Source: Health IT.gov Five Steps Organizations Can Take to Manage Mobile Devices Used By Health Care Providers
For more information see our complimentary webinar with Ben Moore, CEO of TelmedIQ, Understanding Mobile Security and HIPAA Privacy