Tips to Improve Mobile Device Security

ID Experts, a data breach prevention and remediation firm, talked with 13 experts and got 13 tips for managing mobile device threats in health care:

* Install USB locks on computers and devices to prevent unauthorized uploads and downloads;

* Consider software that can track and locate a device or wipe (erase) its data;

* Consider “brick” software that disables a missing device;

* Encrypt;

* Train employees to shut down laptops rather than putting them in sleep mode, since sleep doesn’t activate encryption protection;

* Document in risk assessments the recognition that employees may use personal devices to handle PHI even if prohibited by policy, and reduce the risk, such as offering a secure alternative to texting;

* Don’t permit PHI access via mobile devices without strong technology safeguards;

* Educate employees on safeguarding their devices;

* Purchase cyber-liability insurance;

* Secure and check devices before disposal or donation;

* Have a proactive data management strategy such as token technology;

* Have clear and explicit user opt-in policy for collecting, storing or sharing data; and

* Conduct a thorough technical review and risk audit of new mobile technologies before implementation.

Details on each tip are available here.