Access your Pro+ Content below.
The tangled web: BYOD and HIPAA
This article is part of the May 2013 issue of Pulse
The bring-your-own-device, also known as BYOD or consumerization, era is upon us. CIOs familiar with BYOD security we’ve interviewed at HIMSS and the PHI Protection Network tell us that there’s no way to stop it, you can only contain it. If you’re lucky. While presenting the risks of alloying BYOD to senior hospital leadership don’t forget the biggest risk of all: Inaction or an outright ban. Employees will use their smartphones to text each other about patient care matters, which probably won’t amount to HIPAA-compliant practices. They’ll email patient data to each other. Physicians will set up rogue wireless access points to support devices they bring in, opening up your network to unsavory outside entities who cannot believe their good fortune in finding a backdoor to financial and medical identity theft. Without policies to enforce and security software to monitor devices, lock down the network, encrypt data and remotely wipe lost or stolen devices, the cost of inaction could very well be a data breach in your company’s near...
Features in this issue
Penn Medicine considers best practices for implementing and managing mobile devices, specifically BYOD devices, in this case study.
With stage 2 meaningful use approaching and the launch of the HIPAA omnibus rule, providers have to ensure their EHR adoption strategies are in place.
Selling senior leadership on HIPAA compliance and patient privacy investments is difficult; here are tips to help outline the business case.
News in this issue
Special interest group formed by NFC Forum sees potential in widespread mHealth uses for new tech embedded in smartphones.
Columns in this issue
The HIPAA omnibus will become official this fall. Is your organization prepared to handle data breaches, BYOD policies and network security?