You may have read the headline and said to yourself
“How can my smartphone cause a data breach if I don’t have any patient information on it?”
While it may be true that you do not access your EMR on your phone, you should still be concerned. Smartphones are amazing devices. They have the power of computers and run applications that at one time were only run on desktop and laptop computers. Smartphones can be used to access EMRs, PACS systems (digital images), provide remote access to files (spreadsheets and documents) and run thousands of applications which may contain patient information.
Again you may be saying to yourself
“I don’t do any of that. I use my phone to make calls, access emails, read news stories and occasionally play Words with Friends.”
Even though that statement may be 100% true, you still need to be concerned about your smartphone. In many healthcare organizations, email is used as a communication vehicle to pass information. This information may be the details of the holiday party, announcement of a new employee or general human resources information. But more and more email may contain information about patients. Healthcare organizations use email to communicate patient test results, follow-up conversations with patients, recommended prescriptions, etc.
Again you may be saying to yourself
“We don’t email patients. We only use email for internal communications.”
While it may be true that you do not share patient information with patients via email, you do share patient information via email for internal conversations. All those emails with patient information end up in your inbox. Your inbox is then replicated to your smartphone. So sitting on your smartphone may be 100’s or 1000’s of emails that contain patient information.
What happens if that smartphone is lost or stolen? Your smartphone contains patient information and you would be looking at a data breach. You would have to go through every email you have sent or received and determine if it contained patient information. You would have to figure out every patient that would need to be notified that their information was breached. You are looking at a great deal of time and money responding to the data breach.
You may be saying to yourself
“OK this guy maybe right. What can I do to prevent this?”
There are many safeguards you can put in place to reduce the risk of data breaches caused by smartphones. Here are 3 safeguards that will go a long way to minimize the impact if your phone is lost or stolen.
- Minimize the amount of patient data that is sent via email
- Protect your smartphone by ensuring that a start-up password and inactivity timeout has been implemented
- Implement data encryption on your smartphone
You can reduce the impact of a lost smartphone by minimizing the amount of patient data that is on the phone. By implementing a start-up password, inactivity timeout and utilizing data encryption, you can reduce the likeliness that patient information is accessed if the phone is lost or stolen.
Learn more about protecting smartphones and find out 5 simple and inexpensive tips protect patient information. Our guide gives easy to understand and inexpensive tips for addressing HIPAA security. Learning what you need to do to protect patient information is the best first step. Download your guide now!
5 simple and inexpensive tips to protecting patient information guide
Recent Comments