3 Tips for protecting home health and hospice patient information on mobile devices
Device Security for Home Health and Hospice Providers
Healthcare professionals using laptops, tablets, and smartphones to access home health software and hospice software has become commonplace, but is your agency doing everything it can to safeguard patients’ protected health information?
The Department of Health and Human Services Office for Civil Rights is using a recent case in Idaho to send a strong message about HIPAA compliance. The $50,000 penalty inflicted on the community hospice in Hayden, Idaho is the first settlement of its kind for a breech that affected less than 500 people. The fine is in response to a stolen laptop initially reported at the end of 2010. The laptop was assigned to a hospice nurse and contained unencrypted patient health information. Though no evidence has surfaced that suggests the information was tampered with, an investigation following the report revealed the hospice did not have necessary security measures in place for their electronic devices.
Let this be a cautionary tale. The following are a few ways you can insure your patients’ information is properly protected:
- The Department of Health and Human Services has responded to concerns about mobile device security. They announced in December that they were launching a new education initiative designed to inform and motivate healthcare professionals to take mobile device security seriously. The site includes videos, informational sheets, and downloadable materials like web badges and banners, posters, brochures, and presentations. It is a veritable mecca of information and resources and we highly recommend that you check it out here.
- Make sure your agency’s computer and mobile device use policy is clear and widely available. Address specifics like password management to ensure your employees are aware that user passwords can be overridden by your agency should the need arise.
- You might consider using hard drive encryption software, as many CareAnyware customers do using our home health software and hospice software products.
The best reaction your agency can have to HIPAA penalties like the example in Idaho is to reevaluate, re-inform, and re-establish your policies. If you have other cautionary tales to share with our readers or advice about device security, leave a comment below.