In the Help Me With HIPAA podcast, Mobile Device Security Checklist – Ep 401, Donna and David talk about how much they Love a checklist and also when you should allow a new employee to access PHI.
First, let’s address how soon a medical practice should allow a new employee access to PHI. When it comes to new employees, training is important to ensure they are trained not just on HIPAA privacy and security concepts, but also on your organization’s privacy and security policies. If an employee will be interacting with patients, it is crucial that they receive proper training on your policies and procedures before they begin. Depending on the new employee’s specific job role, it may be acceptable to wait a few days before providing HIPAA training as long as they will not be interacting with patients during that time. However, it is important to ensure that they receive the necessary training before they begin their duties. Failure to properly train employees on privacy and security policies can lead to potential breaches. Training is key so make sure you have a robust training program and don’t wait to train.
Now, for the clear as mud checklist for mobile device security. The Health Sector Cybersecurity Coordination Center (HC3), has created a HPH Mobile Device Security Checklist. Mobile devices are widely used in healthcare and can store and process sensitive data, making them critical for healthcare operations. Protecting the data of these devices is crucial. While this checklist provides recommended security measures for mobile devices, it is not that easy to read and understand. But, just because the entire list may be difficult to comprehend, it doesn’t mean that you should avoid implementing the recommendations in your organization. Share this checklist with your IT Department/Provider to get assistance in reviewing the list of recommendations and help you make business decisions whether to implement them in your organization. It is also advisable to encourage your staff to apply these measures to their personal devices, even if they don’t use them for storing or transmitting PHI.
Listen to Mobile Device Security Checklist – Ep 401 to hear Donna and David’s opinion of all the recommendations and listen real close to David when he starts talking about Apple products vs Android products. He is finally starting to appreciate how wonderful Apple is vs. Android. Next time you see him, ask him if he has a new iPhone.