10 essential steps to protect patient data on a mobile device

Sameer Sule, Healthcare Technology Consultant
©KINARA | INSIGHTS creating value through technology

Upload: sameer-sule

Post on 18-Nov-2014


DESCRIPTION

Lost or stolen laptops with unencrypted patient data are responsible for the majority of data breaches. Securing data on mobile devices is crucial in building a strong data security program. Follow these essential steps to protect ePHI on laptops, smartphones, tablets, etc.

TRANSCRIPT

10 essential steps to protect patient data on a mobile device

Sameer Sule

Healthcare Technology Consultant

©KINARA | INSIGHTS creating value through technology

Major cause of patient data breach

Lost or stolen laptop with unencrypted data

3/10/2014 www.kinarainsights.com 2

Best way to prevent data loss…

Don’t store any patient data on your mobile device

but…

Easier said than done!

Why?

Because…

Data could be anywhere…

Emails, documents, texts, images, apps, spreadsheets

Really bad if lost

Hence the need to protect it!!!

10 Steps to protect PATIENT DATA on a mobile device

1. Use a STRONG password

6-8 characters (letters + numbers + CAPS + symbols)

Make it difficult to guess

That’s the point!!!

2. Encrypt the Data

This scrambles the data so that only an authorized user who knows the password (key) can gain access

(Illustration: "Patient info" scrambled into "#s%s*d##fsa")

3. Enable device tracking software

O Laptop, O Laptop, wherefore art thou Laptop?

Locate your mobile device if it's lost or stolen

Remotely trigger an alarm to sound from the device

4. Install / Activate remote data wiping and device locking capability

You can have my device, but you can’t get my data too!!!

Ok, done with the clichés!

5. Do not install or use file sharing applications

File sharing software, also called peer-to-peer software, allows the data or files on your computer to be accessed by another computer over the internet

Prevent easy sharing or viewing of your files without your knowledge

6. Install security software

Security threats are constantly changing. New viruses are created every day

Keep your laptop or mobile device up-to-date with the latest security updates

7. Research mobile applications before downloading

Check out reviews of the mobile app before downloading it on your device. Many apps create problems after installation

Free apps are free for a reason. They want your data!

8. Use adequate security to send or receive confidential information over public Wi-Fi

Public Wi-Fi is not secure: it leaves your device unprotected against malicious users using the same public Wi-Fi

Use a virtual private network (VPN) if you really need to access confidential data

Avoid accessing sensitive data over public Wi-Fi

9. Delete all stored health information before discarding the mobile device

Clearly outline the procedure for device disposal

Ensure that all data is deleted before upgrading to a new device or recycling it

Check, check and check again!!!

10. Implement mobile device usage policies & train staff in HIPAA compliance

Policies need to be clear and well documented. People are the weakest link in the security chain!

Implement a sanction policy that clearly spells out the consequences for non-compliance

Regular staff training on secure technology usage is the key

THANK YOU

Sameer Sule

Healthcare Technology Consultant / Speaker

Author: Protecting Electronic Health Information: A Practical Approach to Patient Data Security in Your Healthcare Practice

Amazon: http://www.amazon.com/author/sameersule

Blog: http://www.kinarainsights.com/blog.html

Connect with me:

LinkedIn: http://www.linkedin.com/pub/sameer-sule/7/b1b/511

Twitter: @sameersule