New Mobile Device Security Checklist from HC3
With the steady rise of mobile device use in the healthcare industry, securing these devices to keep patient information private is critical. Covered entities must meet certain security requirements for the electronic PHI stored on these devices in order to comply with HIPAA law and avoid a costly data breach.
The Checklist
We love a good checklist, and the Health Sector Cybersecurity Coordination Center has recently provided us with an incredibly practical one for mobile device security.
The checklist includes “recommended items for health sector mobile devices to maintain security, including data in motion and at rest, as well as the capabilities of the device itself.”
This is a great resource from which you can pull information. It can also be a good starting point for an important conversation with your team members on these security practices and others. Covered entities and business associates should walk through the list step by step to ensure they are minimizing their risk potential.
Some highlights from the checklist include:
- Disabling Bluetooth on mobile devices when not in use
- Not connecting devices to public WiFi
- Running fewer applications
- Requiring multi-factor authentication and timed screen locks
- Physical security precautions
- Remote wiping capabilities, and more
How Medcurity Can Help
If you’d like more security resource recommendations or conversation starters, reach out to your team at Medcurity. Cybersecurity-related HIPAA compliance breaches are still on the rise. With your help, we want to go further than checking off requirements, ultimately creating a culture of compliance within healthcare organizations. This is accomplished through regular employee training, and the use of intuitive tools like those on the Medcurity platform for conducting and applying the required Security Risk Analysis.
Medcurity customers can leave clunky assessment spreadsheets behind for an easy-to-use step-by-step SRA that is always being updated to meet current requirements.
Although the crown jewel of the Medcurity platform is the Security Risk Assessment, the tools and resources available to you go so much further than that.
Our HIPAA Policies and Procedures module contains easy-fill policy templates for you to build your own proven policies, customized to your organization. You can also upload your current policies into the platform to create a one-stop shop for compliance needs.
Medcurity also provides an annual HIPAA training platform for employees and for Security Officers. To find out about these and other features of the platform, contact our team today.
We’re here to help you take the stress out of compliance, so you can focus on continuing to provide the best patient care.