HIPAA and the Evolution of Portable Devices

more+
less-

[author: ]

Bond . . . James Bond has always been the epitome of cool gadgets (and bikini babes) but the gizmos of Sean Connery have passed into the era of Daniel Craig. Mr. Connery's lasers, spy cameras and recorders are like dinosaurs and stone tablets. Interesting, but clunky. Many practitioners feel the same way about the desk top and "computer station". New medicine is mobile, miniature and you can play angry birds on it. But what does that mean for security and privacy?

The VA rolled out a pilot project with iPads and almost immediately picked up a complaint and an investigation regarding data security.

There were 7 key takeaways from this investigation into mobile devices:

  • Have certified encryption with strong passwords;
  • Have an accurate inventory;
  • Encrypt backup files;
  • Auto destruct for lost or missing devices;
  • Ensure consistent security configuration;
  • Minimum baseline standards for all mobile devices must be established and implemented;
  • Centrally log/manage distribution of devices.

If only the Massachusetts Eye and Ear Infirmary (MEEI) had taken the lessons of the VA to heart, they might have avoided significant costs. On September 17, the OCR announced that it had reached a 1.5 Million Dollar settlement with MEEI to settle potential HIPAA security violations. A key component of the investigation was MEEI's failure to analyze the risks, and take action in regard to portable devices.

The moral of the story is you can't be Sean Connery in a Daniel Craig world.

Topics:  Healthcare, Healthcare Professionals, HIPAA, Mobile Devices

Published In: Health Updates, Privacy Updates, Science, Computers & Technology Updates

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Davis Brown Law Firm | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »