1. This document provides simple safeguards to protect your
patients’ data from the risk of being compromised. Take
reasonable and appropriate security measures to mitigate the
losses from costly litigation and reputational damage.
The Impact Cost of Data Breaches
Ponemon Institute Research Report
The investment in a secure network far exceeds the
cost of not implementing security safeguards.
Securing Your Mobile Devices
Set strong passwords
Encrypt
Use automatic log off
Require a unique user ID
Enable remote wipe
Lock the device
Keep the device with you
Use a screen shield
Refrain from sharing the mobile device
Register the mobile device
Install a firewall
Use a secure Wi-Fi connection
Research mobile applications
Mobile Device Risks
Lost mobile device
Stolen mobile device
Downloaded virus or malware
Shared mobile device
Unsecured Wi-Fi Network
Mobile Security Safeguards
The Risks and Rewards of a Secure Network
The SMLR Group is a full-service cyber security/risk assessment-consulting
firm, specializing in: Privacy Audits, Standardized Vendor Compliance Audits
(SVCA), Privacy Policies, Written Information Security Plans, and
Data Breach Defensible Response Consultation.
SMLR Group, Inc.
http://www.smlrgroup.com
SOURCE
http://hhs.gov/ocr/privacy
http://healthIT.gov/mobiledevices
To report a cyber incident:
https://forms.us-cert.gov/report/ or
(888) 282-0870
[Chart: factors plotted on an axis from -20 to 30: Strong Security Posture, Incident Response Plan, CISO Appointment, Consultants Engaged, Quick Notification, Lost or Stolen Devices, Third Party Error]
2. HIPAA Privacy Rule
The HIPAA Privacy Rule is a set of federal standards to protect
the privacy of patients' medical records and other health
information maintained by covered entities: health plans, which
include many governmental health programs, such as the
Veterans Health Administration, Medicare and Medicaid; most
doctors, hospitals and many other health care providers; and
health care clearinghouses.
These standards provide patients with access to their medical
records and with significant control over how their personal health
information is used and disclosed.
The HIPAA Security Rule establishes national standards for the
security of electronic protected health information. HIPAA
specifies a series of administrative, technical, and physical
security procedures for covered entities to use to assure the
confidentiality of electronic protected health information. The
standards are delineated into either required or addressable
implementation specifications.
Five Simple Steps To Secure Mobile Devices
One: DECIDE whether mobile devices will be used to access, receive,
transmit, or store patients’ health information, or will be used
as part of your organization’s internal networks or systems
(e.g., EHR system).
Two: ASSESS. Consider how your organization’s mobile
devices affect threats and vulnerabilities to patients’ health
information.
Three: IDENTIFY your organization’s mobile device risk
management strategy, including privacy and security
safeguards.
Four: DEVELOP, DOCUMENT AND IMPLEMENT the
organization’s mobile device policies and procedures to
safeguard health information.
Five: TRAIN. Conduct mobile device privacy and security
awareness and training for providers and professionals.