Solving the BYOD Dilemma in Healthcare

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI) when your employees access patient data on their mobile devices — and to update or supplement your MDM practices accordingly.

That is the subject of a new eFax Corporate infographic — “Solving the BYOD Dilemma for Healthcare: 10 Best Practices for Protecting ePHI on Staff Mobile Devices.

This infographic walks you through a step-by-step process for enabling some of the best practices for your organization’s confidential patient information — from the types of encryption to implement when sending any ePHI, to suggestions for added password protections on mobile devices and next-generation security protocols like intrusion detection.

As the Office of the National Coordinator’s website points out, your ePHI faces several types of risks whenever someone on your staff accesses this sensitive data on their smart phones, tablets or laptops. These risks include losing the device or having it stolen, inadvertently downloading a virus or other malware, sharing the device with someone unauthorized to view the patient information, or accessing ePHI on an unsecured Wi-Fi network.

The ONC list underscores the potential risks physicians and other office staff in your organization face when receiving and storing unencrypted ePHI on their personal mobile devices — and accessing and transmitting this data outside the protections of your firewalls. This is another reason that it’s a smart practice to make sure your Mobile Device Management policies are as comprehensive as possible, to complement your existing physical, technical and administrative safeguards under the HIPAA Security Rule.

Add to this the fact that a breach or loss of ePHI can land your company on the wrong side of HIPAA regulators, and that the cost of a breach per patient record has exceeded $363 dollars (1) — according to the Ponemon Institute — and it’s definitely worth spending a few moments to view our new BYOD-best-practices infographic. We encourage you to use these best practices to reevaluate your Mobile Device Management procedure as needed — or to implement one as soon as possible if you don’t have procedures in place, as part of a holistic HIPAA Compliance policy.

We also encourage you to learn more about eFax Corporate’s cloud fax solutions for the healthcare industry.

Sources: What Data Breaches Now Cost and Why.