June 14, 2012 – ID Experts, a data breach prevention and remediation firm, talked with 13 experts and got 13 tips for managing mobile device threats in health care:

  1. Install USB locks on computers and devices to prevent unauthorized uploads and downloads;
  2. Consider software that can track and locate a device or wipe (erase) its data;
  3. Consider “brick” software that disables a missing device;
  4. Encrypt;
  5. Train employees to shut down laptops rather than putting them in sleep mode, since sleep doesn’t activate encryption protection;
  6. Document in risk assessments the recognition that employees may use personal devices to handle PHI even if prohibited by policy, and reduce the risk, such as offering a secure alternative to texting;
  7. Don’t permit PHI access via mobile devices without strong technology safeguards;
  8. Educate employees on safeguarding their devices;
  9. Purchase cyber-liability insurance;
  10. Secure and check devices before disposal or donation;
  11. Have a proactive data management strategy such as token technology;
  12. Have clear and explicit user opt-in policy for collecting, storing or sharing data; and
  13. Conduct a thorough technical review and risk audit of new mobile technologies before implementation.

Details on each tip are available here.

This story originally appeared at Health Data Management.