Bring Your Own Device

Size: px
Start display at page:

Download "Bring Your Own Device"

Transcription

1 Bring Your Own Device A White Paper Prepared by Bob Wolverton, Ed Prepared by Bob Wolverton, EdD Northwest Regional Telehealth Resource Center

2

3 Bring Your Own Device What is the state of the industry regarding the burgeoning demand from a significant number of healthcare providers to use their own tablets or smart phones while working with patients? The Bring Your Own Device (BYOD) trend is a topic of discussion throughout the Telehealth industry and few solid solutions have been offered. The Challenges The challenges surrounding BYOD are complex and the implications are serious for providers, patients and organizations. For providers, it is convenient to use their personally-owned tablet and make contact with a patient or a colleague and discuss a medical situation. For patients, it is convenient to be able to have an encounter with a provider in a quick and simple manner without having to travel to the provider s office. However, the convenience that obtains with use of handheld devices must be weighed against the overriding concern of patient privacy, as defined by the Health Insurance Portability and Accountability Act (HIPPA). HIPAA sets guidelines for protecting patient information and sets requirements necessary to ensure patient privacy. To that end, HIPAA sets forth guidelines for protecting patient health information and requires that healthcare organizations be able to detect security breaches that can be used to illegally acquire patients protected health information (PHI). In addition, HIPAA rules require health care providers to have a means of tracing security breaches If they occur. PHI breaches on video teleconferencing (VTC) equipment that previously had been the only means of providing Telehealth care until recently have been fairly easy to detect and trace. The newer hardware- or server-based communication systems are also capable of tracing breaches. However, BYOD brings a level of uncertainty to that monitoring and protection. Challenges include: Provider-owned devices are not intrinsically secure. Consumer-grade tablets and smart phones need not be (and therefore are not) HIPAA capable when they are sold to the public. The chances of a breach in security, therefore, increase with each device introduced into an information technology (IT) system Communications apps, while often times encrypted, do not offer the ability to determine if an encounter has been violated (hacked), nor do they offer the capability of tracing the source of the breach. Microsoft recently acknowledged that their product, Skype, had been hacked and several million accounts may have been at risk. Microsoft states that no data were compromised in the attack, yet this event demonstrates the potential threats to PHI when readily-available apps are used to provide health care In addition, some service providers record each conversation held on their systems and those recordings may be at risk as well BYOD 1

4 Additional HIPAA implications occur when one considers that the conversations conducted on handheld devices may not be held in secure locations and may be readily overheard by unauthorized individuals. While this is not an intrinsic failure of the devices, their ease of use may be seen as facilitating these potential breaches Selected BYOD Policies Because the demand for tablet- and smart phone-based communication is increasing at a tremendous rate, IT departments and Telehealth networks are trying several approaches to securing devices and making sure provider compliance is enforced. Some measures reported by NRTRC member networks include: A complete ban on privately owned devices. Practitioners are only allowed to use devices that are supplied by the employer and secured in such a way that they are HIPAA compatible (see the security discussion that follows) Requiring providers to agree to the employer s adding software to the device that allows for secure communication with patients and colleagues and that requires pass codes and other security measures to access PHI or conduct patient encounters Issuing devices and requiring providers to sign a waiver stating that they will leave all the software loaded onto the device in place and agreeing that their employment will be terminated should the provider violate this requirement Requiring that any access to PHI be conducted through a web portal or virtual private network (VPN) and that PHI not be stored on the device Security Considerations For an organization to be compliant with HIPAA requirements, handheld devices must be secured in some way. There are a number of options, some more attractive than others. Using a server-based communication method that is HIPAA capable is one way of ensuring that conversations can be protected and interceptions be recognized and traced. Polycom, Cisco- Tandberg, Vidyo and many others offer encrypted and secure server-based communications options Even with secure communications, however, devices themselves can be easily stolen, lost or misplaced. Data stored on the devices can be easily compromised unless certain measures are taken. One option is for the IT department to supply the devices and to lock them down, clearing the device of any but authorized communications applications, disabling the addition of unauthorized apps to the devices and adding password protection for access. Some password protection programs will wipe the device, that is, erase everything in device memory, if a certain number of unsuccessful log-in attempts are made. While this is a fairly secure system, it is unattractive to providers who may want to use the devices for personal uses A less draconian method of securing PHI and other sensitive information is to place apps that can contain sensitive data into a container. Containerized apps are, basically, sequestered on BYOD 2

5 the device by various methods. Access to the sequestered apps requires use of passcodes or other security features. Apps can be erased (or the whole container can be wiped ) if too many unsuccessful attempts to activate them are encountered. This approach may be more attractive to providers because it will allow fuller use of the device s capability (access is provided to both personal and patient-related apps) while still protecting PHI or company confidential information. Containerization can be used on providerowned as well as facility-owned devices. Containerization may also be attractive to IT departments because they can control apps in many ways. They can offer company-developed apps for the container or control third-party apps. Devices that are lost or stolen can be wiped remotely, or located. Devices owned by individuals who leave the company can be wiped remotely, protecting sensitive data from compromise. Even with all these security options available, vigilance is necessary in order to ensure that only authorized devices are used when dealing with sensitive information or processes. Perhaps the simplest solution is to have a provider-only wifi network with pre-registration, secure login and encryption included. However, that option does not protect data stored on devices that are taken outside the facility, as may be the case with on-call providers, who may need to use a variety of different wifi networks outside the hospital environment. Closing Thoughts The era of BYOD has started. Networks are struggling with a means of allowing device use without compromising PHI and without dumbing down devices, which can alienate owners or users. At this time there are nearly as many unique solutions as there are Telehealth networks. As BYOD becomes more widespread (at least as the demand becomes more widespread), solutions will be found. Until there are attractive, easily-implemented solutions, NRTRC recommends that networks that are considering allowing providers to bring personally-owned devices to work hold a series of meetings with their facility s Compliance, IT, Administration departments and provider representatives to fully discuss the needs and concerns of all parties and then to formulate a solution to this new and challenging era of Telehealth care. BYOD 3

Electronically Communicating in Compliance with HIPAA Privacy and Security Requirements. Adam H. Greene, JD, MPH Partner, Davis Wright Tremaine LLP

Electronically Communicating in Compliance with HIPAA Privacy and Security Requirements. Adam H. Greene, JD, MPH Partner, Davis Wright Tremaine LLP Electronically Communicating in Compliance with HIPAA Privacy and Security Requirements Adam H. Greene, JD, MPH Partner, Davis Wright Tremaine LLP Agenda Communicating with Patients Security Rule compliance

More information

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to Health Information Risks vary based on the mobile device and its use. Some risks include:

More information

Bring Your Own Device (BYOD) and Mobile Device Management. tekniqueit.com

Bring Your Own Device (BYOD) and Mobile Device Management. tekniqueit.com Bring Your Own Device (BYOD) and Mobile Device Management tekniqueit.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks

More information

Bring Your Own Device (BYOD) and Mobile Device Management. www.cognoscape.com

Bring Your Own Device (BYOD) and Mobile Device Management. www.cognoscape.com Bring Your Own Device (BYOD) and Mobile Device Management www.cognoscape.com Bring Your Own Device (BYOD) and Mobile Device Management People are starting to expect the ability to connect to public networks

More information

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information.

Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Know the RISKS. Take the STEPS. PROTECT AND SECURE Health Information. Mobile Devices: Risks to to Health Mobile Information Devices: Risks to Health Information Risks vary based on the

More information

Electronic Communication In Your Practice. How To Use Email & Mobile Devices While Maintaining Compliance & Security

Electronic Communication In Your Practice. How To Use Email & Mobile Devices While Maintaining Compliance & Security Electronic Communication In Your Practice How To Use Email & Mobile Devices While Maintaining Compliance & Security Agenda 1 HIPAA and Electronic Communication 2 3 4 Using Email In Your Practice Mobile

More information

Mobile Security: Controlling Growing Threats with Mobile Device Management

Mobile Security: Controlling Growing Threats with Mobile Device Management Mobile Security: Controlling Growing Threats with Mobile Device Management As the use of mobile devices continues to grow, so do mobile security threats. Most people use their mobile devices for both work

More information

Bring Your Own Device (BYOD) and Mobile Device Management

Bring Your Own Device (BYOD) and Mobile Device Management Bring Your Own Device (BYOD) and Mobile Device Management Intivix.com (415) 543 1033 PROFESSIONAL IT SERVICES FOR BUSINESSES OF ALL SHAPES AND SIZES People are starting to expect the ability to connect

More information

HIPAA Requirements and Mobile Apps

HIPAA Requirements and Mobile Apps HIPAA Requirements and Mobile Apps OCR/NIST 2013 Annual Conference Adam H. Greene, JD, MPH Partner, Washington, DC Use of Smartphones and Tablets Is Growing 2 How Info Sec Sees Smartphones Easily Lost,

More information

BRING YOUR OWN DEVICE (BYOD) AND MOBILE DEVICE MANAGEMENT

BRING YOUR OWN DEVICE (BYOD) AND MOBILE DEVICE MANAGEMENT BRING YOUR OWN DEVICE (BYOD) AND MOBILE DEVICE MANAGEMENT www.intivix.com (415) 543 1033 HELP TEAM MEMBERS TO COLLABORATE MORE EASILY FROM ANYWHERE. People are starting to expect the ability to connect

More information

BYOD Policy. Handout

BYOD Policy. Handout Handout 1 Identify What Mobile Devices Are Allowed It s important that this list is as detailed as necessary, including types of smart phones and/or tablets, operating systems, models, etc. Also identify

More information

5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES

5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES White paper 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING PHI ON PORTABLE DEVICES 2016 SecurityMetrics 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES 1 5 TIPS FOR HIPAA COMPLIANT MOBILE DEVICES PROTECTING

More information

Laptops, Tablets, Smartphones and HIPAA: An Action Plan to Protect your Practice

Laptops, Tablets, Smartphones and HIPAA: An Action Plan to Protect your Practice Laptops, Tablets, Smartphones and HIPAA: An Action Plan to Protect your Practice Agenda Learning objectives for this session Fundamentals of Mobile device use and correlation to HIPAA compliance HIPAA

More information

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices.

Data Loss Prevention Whitepaper. When Mobile Device Management Isn t Enough. Your Device Here. Good supports hundreds of devices. Data Loss Prevention Whitepaper When Mobile Device Management Isn t Enough Your Device Here. Good supports hundreds of devices. Contents Shifting Security Landscapes 3 Security Challenges to Enterprise

More information

Securing Health Data in a BYOD World

Securing Health Data in a BYOD World BUSINESS WHITE PAPER Securing Health Data in a BYOD World Five strategies to minimize risk Securing Health Data in a BYOD World Table of Contents 2 Introduction 3 BYOD adoption drivers 4 BYOD security

More information

Healthcare IT (HIT) Strategic Planning & Budgeting MARCH 26, 2014

Healthcare IT (HIT) Strategic Planning & Budgeting MARCH 26, 2014 Healthcare IT (HIT) Strategic Planning & Budgeting MARCH 26, 2014 Agenda Introduction / Session Overview HIT Budgeting 101 Security and Compliance EHR budgeting HIT Where Are We Going Q & A 2 Copyright

More information

Choose Your Own Device (CYOD) and Mobile Device Management. gsolutionz.com

Choose Your Own Device (CYOD) and Mobile Device Management. gsolutionz.com Choose Your Own Device (CYOD) and Mobile Device Management gsolutionz.com Choose Your Own Device (CYOD) and Mobile Device Management 2 gsolutionz.com People are starting to expect the ability to connect

More information

Have you ever accessed

Have you ever accessed HIPAA and Your Mobile Devices Not taking the appropriate precautions can be very costly. 99 BY MARK TERRY Alexey Poprotskiy Dreamstime.com Have you ever accessed patient data offsite using a laptop computer,

More information

Don t Let A Security Breach Put You Out of Business

Don t Let A Security Breach Put You Out of Business Don t Let A Security Breach Put You Out of Business Committed to providing you with the most innovative security and privacy solutions. www.boomtechit.com Bring Your Own Device (BYOD) and Mobile Device

More information

Deliver Secure, User-Friendly Access to Mobile Business Apps

Deliver Secure, User-Friendly Access to Mobile Business Apps SAP Brief Extensions SAP Mobile App Protection by Mocana Objectives Deliver Secure, User-Friendly Access to Mobile Business Apps Promote app security for enterprise safety Promote app security for enterprise

More information

Sample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 )

Sample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 ) Sample Employee Agreement for Business Use of Employee-Owned Personal Computing Devices (Including Wearables 1 ) Overview: The Bring Your Own Device (BYOD) program allows employees to use their own computing

More information

BYOD. Bring Your Own Device - Mobile Device Management. www.prooncall.com

BYOD. Bring Your Own Device - Mobile Device Management. www.prooncall.com BYOD Bring Your Own Device - Mobile Device Management www.prooncall.com Bring Your Own Device (BYOD) Mobile Device Management People are starting to expect the ability to connect to public networks and

More information

Samsung Mobile Security

Samsung Mobile Security Samsung Mobile Security offering enhanced core capabilities for enterprise mobility Samsung Enterprise Mobility Enterprise-ready Mobility management for your business Samsung Mobile Security offers enterprise

More information

BYOD. opos WHAT IS YOUR POLICY? SUMMARY

BYOD. opos WHAT IS YOUR POLICY? SUMMARY BYOD WHAT IS YOUR POLICY? opos SUMMARY The organization s employees and contractors frequently perform employment-related tasks which require connecting to the organization s networks, systems, and/or

More information

HIPAA and Cloud IT: What You Need to Know

HIPAA and Cloud IT: What You Need to Know HIPAA and Cloud IT: What You Need to Know A Guide for Healthcare Providers and Their Business Associates GDS WHITE PAPER HIPAA and Cloud IT: What You Need to Know As a health care provider or business

More information

A PRACTICAL GUIDE TO USING ENCRYPTION FOR REDUCING HIPAA DATA BREACH RISK

A PRACTICAL GUIDE TO USING ENCRYPTION FOR REDUCING HIPAA DATA BREACH RISK A PRACTICAL GUIDE TO USING ENCRYPTION FOR REDUCING HIPAA DATA BREACH RISK Chris Apgar Andy Nieto 2015 OVERVIEW How to get started assessing your risk What your options are how to protect PHI What s the

More information

Managing Mobile Device Security

Managing Mobile Device Security Managing Mobile Device Security Kathy Downing, MA, RHIA, CHPS, PMP AHIMA Director Practice Excellence Objectives Understand how HIPAA and HITECH apply to mobile devices. Understand the oversight needed

More information

BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size.

BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. April 2014 BYOD Guidelines A practical guide for implementing a successful BYOD Management program in an organization of any size. Bring your own device (BYOD) refers to the policy of permitting employees

More information

ENTERPRISE MOBILITY USE CASES AND SOLUTIONS

ENTERPRISE MOBILITY USE CASES AND SOLUTIONS ENTERPRISE MOBILITY USE CASES AND SOLUTIONS ENTERPRISE MOBILITY USE CASES AND SOLUTIONS Mobility is no longer a trend it s how business gets done. With employees using multiple mobile devices and the availability

More information

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations

Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Dell s Five Best Practices for Maximizing Mobility Benefits while Maintaining Compliance with Data Security and Privacy Regulations Inside ü Tips for deploying or expanding BYOD programs while remaining

More information

Today s Best Practices: How smart business is protecting enterprise data integrity and employee privacy on popular mobile devices. Your Device Here.

Today s Best Practices: How smart business is protecting enterprise data integrity and employee privacy on popular mobile devices. Your Device Here. Securing Business Mobility Today s Best Practices: How smart business is protecting enterprise data integrity and employee privacy on popular mobile devices Your Device Here. Good supports hundreds of

More information

Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA.

Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA. Cyber Security in the Mobile Era KEEPING ENTERPRISE DATA SAFE IN THE BYOD ERA. What is Mobile Security? Mobile security is the protection of both personal and business information stored on and transmitted

More information

Chief Information Officer

Chief Information Officer Chief Information Officer The CIO leads the Information Technology Department maintaining the function of SETMA s electronic health record. The CIO is responsible for: 1. Maintaining the functions of SETMA

More information

Workspace-as-a-Service Defining Security and Mobility for Healthcare. vertiscale.com

Workspace-as-a-Service Defining Security and Mobility for Healthcare. vertiscale.com Workspace-as-a-Service Defining Security and Mobility for Healthcare vertiscale.com Workspace-as-a-Service Defining Security and Mobility for Healthcare Introduction The healthcare industry continues to

More information

Secure Endpoint Management. Presented by Kinette Crain and Brad Lewis

Secure Endpoint Management. Presented by Kinette Crain and Brad Lewis Secure Endpoint Management Presented by Kinette Crain and Brad Lewis Brad Lewis Brad Lewis - Service Specialist 14 years of IT experience In-House Support Manager Network Administrator Assessing Risk:

More information

OWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work.

OWA vs. MDM. Once important area to consider is the impact on security and compliance policies by users bringing their own devices (BYOD) to work. OWA vs. MDM Introduction SmartPhones and tablet devices are becoming a common fixture in the corporate environment. As feature phones are replaced with new devices such as iphone s, ipad s, and Android

More information

North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP

North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP Mobile Device Management Risky Business in Healthcare North Carolina Health Information Management Association February 20, 2013 Chris Apgar, CISSP Agenda HIPAA/HITECH & Mobile Devices Breaches Federal

More information

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance

VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance VOIP for Telerehabilitation: A Risk Analysis for Privacy, Security, and HIPAA Compliance Valerie J.M. Watzlaf, PhD, RHIA, FAHIMA, Sohrab Moeini, MS, and Patti Firouzan, MS, RHIA Department of Health Information

More information

A 5-STEP PLAN TO PREPARE FOR HEALTHCARE. A Complimentary White Paper from

A 5-STEP PLAN TO PREPARE FOR HEALTHCARE. A Complimentary White Paper from A 5-STEP PLAN TO PREPARE FOR BYOD IN HEALTHCARE A Complimentary White Paper from A 5-step plan to prepare for BYOD in health care A Complimentary White Paper from Healthcare Business & Technology Nearly

More information

How TraitWare TM Can Secure and Simplify the Healthcare Industry

How TraitWare TM Can Secure and Simplify the Healthcare Industry How TraitWare TM Can Secure and Simplify the Healthcare Industry January 2015 Secure and Simplify Your Digital Life. Overview of HIPPA Authentication Standards When Title II of the Health Insurance Portability

More information

Mobile Health Apps 101: A Primer for Consumers. myphr.com

Mobile Health Apps 101: A Primer for Consumers. myphr.com Mobile Health Apps 101: A Primer for Consumers just think APP This guide is designed to help you understand and make educated decisions about using mobile health applications ( app ). When considering

More information

Protecting Your Data On The Network, Cloud And Virtual Servers

Protecting Your Data On The Network, Cloud And Virtual Servers Protecting Your Data On The Network, Cloud And Virtual Servers How SafeGuard Encryption can secure your files everywhere The workplace is never static. Developments include the widespread use of public

More information

Mobile Medical Devices and BYOD: Latest Legal Threat for Providers

Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Presenting a live 90-minute webinar with interactive Q&A Mobile Medical Devices and BYOD: Latest Legal Threat for Providers Developing a Comprehensive Usage Strategy to Safeguard Health Information and

More information

The Thomas Hardye School Bring Your Own Device to School (BYOD) Policy for Students

The Thomas Hardye School Bring Your Own Device to School (BYOD) Policy for Students The Thomas Hardye School Bring Your Own Device to School (BYOD) Policy for Students Adopted by Personnel & Resources Committee 1 st September 2014 Review date: 31 st August 2015 Signed by Chair:. CONTENTS

More information

Mobile Device Usage Standards (Phones, Smart Phones, Tablets, Laptops)

Mobile Device Usage Standards (Phones, Smart Phones, Tablets, Laptops) Mobile Device Usage Standards (Phones, Smart Phones, Tablets, Laptops) 1. Purpose Banner encourages the business use of Mobile Devices by employees as productivity enhancement tools. The purpose of this

More information

Securing Office 365 with MobileIron

Securing Office 365 with MobileIron Securing Office 365 with MobileIron Introduction Office 365 is Microsoft s cloud-based productivity suite. It includes online versions of Microsoft s most popular solutions, like Exchange and SharePoint,

More information

The CIO s Guide to HIPAA Compliant Text Messaging

The CIO s Guide to HIPAA Compliant Text Messaging The CIO s Guide to HIPAA Compliant Text Messaging Executive Summary The risks associated with sending Electronic Protected Health Information (ephi) via unencrypted text messaging are significant, especially

More information

CHIS, Inc. Privacy General Guidelines

CHIS, Inc. Privacy General Guidelines CHIS, Inc. and HIPAA CHIS, Inc. provides services to healthcare facilities and uses certain protected health information (PHI) in connection with performing these services. Therefore, CHIS, Inc. is classified

More information

HIPAA: Protecting Your. Ericka L. Adler. Practice and Your Patients

HIPAA: Protecting Your. Ericka L. Adler. Practice and Your Patients HIPAA: Protecting Your Ericka L. Adler Practice and Your Patients Rachel V. Rose Fallout from the Omnibus Rule Compliance strategies for medical practices 1. Know / manage your business associates and

More information

SOLUTION BRIEF June 2014. How do you capitalize on mobility opportunities in healthcare, both today and in the long term?

SOLUTION BRIEF June 2014. How do you capitalize on mobility opportunities in healthcare, both today and in the long term? SOLUTION BRIEF June 2014 How do you capitalize on mobility opportunities in healthcare, both today and in the long term? SOLUTION BRIEF While bring your own device (BYOD) and physician texting are hot

More information

Internet threats: steps to security for your small business

Internet threats: steps to security for your small business Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential

More information

Getting Hip to the HIPAA and HITECH Act Compliance

Getting Hip to the HIPAA and HITECH Act Compliance Getting Hip to the HIPAA and HITECH Act Compliance NaNotchka M. Chumley, D.O., M.P.H. Family Medicine Physician Los Angeles, CA Integrating Global Trade & Logistic and Cybersecurity Westin St. Francis,

More information

My Docs Online HIPAA Compliance

My Docs Online HIPAA Compliance My Docs Online HIPAA Compliance Updated 10/02/2013 Using My Docs Online in a HIPAA compliant fashion depends on following proper usage guidelines, which can vary based on a particular use, but have several

More information

Research Information Security Guideline

Research Information Security Guideline Research Information Security Guideline Introduction This document provides general information security guidelines when working with research data. The items in this guideline are divided into two different

More information

The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training

The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training The Security Rule of The Health Insurance Portability and Accountability Act (HIPAA) Security Training Introduction The HIPAA Security Rule specifically requires training of all members of the workforce.

More information

The Guide to Implementing a BYOD Policy at Your Company An ebook by Your Friends at UTG

The Guide to Implementing a BYOD Policy at Your Company An ebook by Your Friends at UTG The Guide to Implementing a BYOD Policy at Your Company An ebook by Your Friends at UTG Did you know that 70% of smartphone users have accessed corporate data using a personal device, and 21% of those

More information

The Maximum Security Marriage:

The Maximum Security Marriage: The Maximum Security Marriage: Mobile File Management is Necessary and Complementary to Mobile Device Management The bring your own device (BYOD) trend in the workplace is at an all-time high, and according

More information

{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com

{ipad Security} for K-12. Understanding & Mitigating Risk. plantemoran.com {ipad Security} plantemoran.com for K-12 Understanding & Mitigating Risk Plante Moran The ipad is in K-12. Since its debut in April 2010, the ipad has quickly become the most popular tablet, outselling

More information

Data Loss Prevention & Mobile Device Management

Data Loss Prevention & Mobile Device Management Data Loss Prevention & Suitable for any network size and any industry DLP for Windows, Mac and Linux Protecting the entire network Out-of-the-Box Solution to secure sensitive data from threats posed by

More information

Mobile Device Management (MDM) Policies

Mobile Device Management (MDM) Policies Mobile Device Management (MDM) Policies Best Practices Guide Copyright 2012 Fiberlink Communications Corporation. All rights reserved. Information in this document is subject to change without notice.

More information

[BRING YOUR OWN DEVICE POLICY]

[BRING YOUR OWN DEVICE POLICY] 2013 Orb Data Simon Barnes [BRING YOUR OWN DEVICE POLICY] This document specifies a sample BYOD policy for use with the Orb Data SaaS MDM service Contents 1 ACCEPTABLE USE... 3 1.1 GENERAL RULES... 3 2

More information

When HHS Calls, Will Your Plan Be HIPAA Compliant?

When HHS Calls, Will Your Plan Be HIPAA Compliant? When HHS Calls, Will Your Plan Be HIPAA Compliant? Petula Workman, J.D., CEBS Division Vice President Compliance Counsel Gallagher Benefit Services, Inc., Sugar Land, Texas The opinions expressed in this

More information

Data Protection Act 1998. Bring your own device (BYOD)

Data Protection Act 1998. Bring your own device (BYOD) Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...

More information

Agenda. Overview of BYOD in Healthcare lh Legal Risks Associated with BYOD Recommendations to Address Legal Risks 4/18/2016

Agenda. Overview of BYOD in Healthcare lh Legal Risks Associated with BYOD Recommendations to Address Legal Risks 4/18/2016 Inviting Legal to the BYOD Party Laura Clark Fey, Esq., Principal, Fey LLC Agenda Overview of BYOD in Healthcare lh Legal Risks Associated with BYOD Recommendations to Address Legal Risks 2 1 OVERVIEW

More information

Medicaid Enterprise Systems Conference 2012

Medicaid Enterprise Systems Conference 2012 Medicaid Enterprise Systems Conference 2012 Best Practices for Using HIT and HIEs to Keep PHI Secure in an Increasingly Mobile and Technical World Presenters: Charles Sutton, Senior Executive Health Product

More information

COLORADO STATE UNIVERSITY SYSTEM

COLORADO STATE UNIVERSITY SYSTEM Board Policy: The purpose of this ipad Usage Policy is to establish guidelines and procedures for staff and Board members of the Colorado State University System (CSUS) to implement the efficient use of

More information

SECURE AND MANAGE YOUR MOBILE FLEET Freedome for Business

SECURE AND MANAGE YOUR MOBILE FLEET Freedome for Business SECURE AND MANAGE YOUR MOBILE FLEET Freedome for Business TAKE CONTROL OF MOBILE SECURITY In the age of mobile work, safeguarding the network perimeter is not easy. Poorly protected smartphones are now

More information

THE BYOD SURVIVAL GUIDE 5TIPS FOR PRACTICING SAFE MOBILE FILE ACCESS AND COLLABORATION

THE BYOD SURVIVAL GUIDE 5TIPS FOR PRACTICING SAFE MOBILE FILE ACCESS AND COLLABORATION THE BYOD SURVIVAL GUIDE 5TIPS FOR PRACTICING SAFE MOBILE FILE ACCESS AND COLLABORATION Personal mobile devices have infiltrated organizations all over the world, enabling everyone to work from everywhere.

More information

Securing Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper

Securing Patient Data in Today s Mobilized Healthcare Industry. A Good Technology Whitepaper Securing Patient Data in Today s Mobilized Healthcare Industry Securing Patient Data in Today s Mobilized Healthcare Industry 866-7-BE-GOOD good.com 2 Contents Executive Summary The Role of Smartphones

More information

Preparing for the HIPAA Security Rule

Preparing for the HIPAA Security Rule A White Paper for Health Care Professionals Preparing for the HIPAA Security Rule Introduction The Health Insurance Portability and Accountability Act (HIPAA) comprises three sets of standards transactions

More information

Security and Privacy Considerations for BYOD

Security and Privacy Considerations for BYOD Security and Privacy Considerations for BYOD Carol Woodbury, President SkyView Partners, Inc 1 Introduction The world of BYOD (Bring Your Own Device) is rapidly expanding. You may not think it s happening

More information

How to Secure Your Environment

How to Secure Your Environment End Point Security How to Secure Your Environment Learning Objectives Define Endpoint Security Describe most common endpoints of data leakage Identify most common security gaps Preview solutions to bridge

More information

BYOD BEST PRACTICES GUIDE

BYOD BEST PRACTICES GUIDE BYOD BEST PRACTICES GUIDE 866.926.8746 1 www.xantrion.com TABLE OF CONTENTS 1 Changing Expectations about BYOD... 3 2 Mitigating the Risks... 4 2.1 Establish Clear Policies and Expectations... 4 2.2 Create

More information

Tuesday, June 5, 12. Mobile Device Usage

Tuesday, June 5, 12. Mobile Device Usage Mobile Device Usage Remeber This? The original, live presentation included the embedded video below: http://www.youtube.com/watch?v=bo-nft2mohi A Changing Industry Proliferation of Smart Phones and Tablets.

More information

HIPAA Security Training Manual

HIPAA Security Training Manual HIPAA Security Training Manual The final HIPAA Security Rule for Montrose Memorial Hospital went into effect in February 2005. The Security Rule includes 3 categories of compliance; Administrative Safeguards,

More information

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility

Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility Solution Overview Cisco BYOD Smart Solution: Take a Comprehensive Approach to Secure Mobility What You Will Learn Whether you want to simply allow tablets on your network or transform business processes

More information

Mobile Device Management for CFAES

Mobile Device Management for CFAES Mobile Device Management for CFAES What is Mobile Device Management? As smartphones and other mobile computing devices grow in popularity, management challenges related to device and data security are

More information

Mobile Device Security

Mobile Device Security Mobile Device Security Presented by Kelly Wilson Manager of Information Security, LCF Research New Mexico Health Information Collaborative (NMHIC) and the New Mexico Health Information Technology Regional

More information

Montclair State University. HIPAA Security Policy

Montclair State University. HIPAA Security Policy Montclair State University HIPAA Security Policy Effective: June 25, 2015 HIPAA Security Policy and Procedures Montclair State University is a hybrid entity and has designated Healthcare Components that

More information

Ensuring the security of your mobile business intelligence

Ensuring the security of your mobile business intelligence IBM Software Business Analytics Cognos Business Intelligence Ensuring the security of your mobile business intelligence 2 Ensuring the security of your mobile business intelligence Contents 2 Executive

More information

OCR UPDATE Breach Notification Rule & Business Associates (BA)

OCR UPDATE Breach Notification Rule & Business Associates (BA) OCR UPDATE Breach Notification Rule & Business Associates (BA) Alicia Galan Supervisory Equal Opportunity Specialist March 7, 2014 HITECH OMNIBUS A Reminder of What s Included: Final Modifications of the

More information

Guidance on the Use of Portable Storage Devices 1

Guidance on the Use of Portable Storage Devices 1 Guidance on the Use of Portable Storage Devices Introduction Portable storage devices ( PSDs ) such as USB flash memories or drives, notebook computers or backup tapes provide a convenient means to store

More information

BYOD Policy for [AGENCY]

BYOD Policy for [AGENCY] BYOD Policy for [AGENCY] This document provides policies, standards, and rules of behavior for the use of smartphones, tablets and/or other devices ( Device ) owned by [AGENCY] employees personally (herein

More information

MOBILITY STRATEGIES IN HEALTHCARE 2014

MOBILITY STRATEGIES IN HEALTHCARE 2014 MOBILITY STRATEGIES IN HEALTHCARE 2014 SM WHICH TYPES OF MOBILE DEVICES DOES YOUR ORGANIZATION SUPPORT? The rise in mobile device usage in hospitals brings the potential for faster communications that

More information

HIPAA: Bigger and More Annoying

HIPAA: Bigger and More Annoying HIPAA: Bigger and More Annoying Instructor: Laney Kay, JD Contact information: 4640 Hunting Hound Lane Marietta, GA 30062 (770) 312-6257 (770) 998-9204 (fax) laney@laneykay.com www.laneykay.com OFFICIAL

More information

BYOD and Mobile Device Management

BYOD and Mobile Device Management April 25, 2013 BYOD and Mobile Device Management Scott Bream Office of the CIO scott.bream@ofm.wa.gov Topics to be covered What is Bring Your Own Device?(BYOD) What is Mobile Device Management?(MDM) Policy

More information

RSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief

RSA Solution Brief. RSA SecurID Authentication in Action: Securing Privileged User Access. RSA Solution Brief RSA SecurID Authentication in Action: Securing Privileged User Access RSA SecurID solutions not only protect enterprises against access by outsiders, but also secure resources from internal threats The

More information

Secure Research Environment & FISMA 101

Secure Research Environment & FISMA 101 Secure Research Environment & FISMA 101 AGENDA FISMA and NIST RMF Six specific processes Portable Computing Devices and Media Getting Help FISMA AND NIST RMF WHAT IS FISMA? Federal Information Security

More information

Mobile Security & BYOD Policy

Mobile Security & BYOD Policy Mobile Security & BYOD Policy Sarkis Daglian Assistant Manager, Desktop Support Office of Information Technology Isaac Straley UCI Information Security Officer Office of Information Technology Speakers

More information

1 P a g e. Lim Jun Yan, Undergraduate School of Information Systems Singapore Management University

1 P a g e. Lim Jun Yan, Undergraduate School of Information Systems Singapore Management University 1 P a g e Lim Jun Yan, Undergraduate School of Information Systems Singapore Management University Trust is to rely upon or place confidence in someone or something. However, this is not a definition that

More information

COPIC INSIGHT: DATA BREACHES

COPIC INSIGHT: DATA BREACHES COPIC INSIGHT: DATA BREACHES SEPTEMBER 2015 COPIC INSIGHT is a new, exclusive resource for COPIC-insured individuals, practices, and facilities. It provides insight on a timely issue in health care, along

More information

Assessing Telehealth Operational and Technology Security Risks to Privacy

Assessing Telehealth Operational and Technology Security Risks to Privacy Assessing Telehealth Operational and Technology Security Risks to Privacy Prepared by the Center for Telehealth University of New Mexico Health Sciences Center July 2003 INTRODUCTION The purpose of this

More information

Medical Information Breaches: Are Your Records Safe?

Medical Information Breaches: Are Your Records Safe? Medical Information Breaches: Are Your Records Safe? Learning Objectives At the conclusion of this presentation the learner will be able to: Recognize the growing risk of data breaches Assess the potential

More information

HIPAA Compliance and Wireless Networks. 2005 Cranite Systems, Inc. All Rights Reserved.

HIPAA Compliance and Wireless Networks. 2005 Cranite Systems, Inc. All Rights Reserved. HIPAA Compliance and Wireless Networks White Paper HIPAA Compliance and Wireless Networks 2005 Cranite Systems, Inc. All Rights Reserved. All materials contained in this document are the copyrighted property

More information

Three Best Practices to Help Enterprises Overcome BYOD Challenges

Three Best Practices to Help Enterprises Overcome BYOD Challenges WHITE PAPER Three Best Practices to Help Enterprises Overcome BYOD Challenges Nearly 80% of white-collar workers in the United States use a mobile device for work and approximately 95% of IT organizations

More information

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.

PREP Course #25: Hot Topics in Cyber Security and Database Security. Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs. PREP Course #25: Hot Topics in Cyber Security and Database Security Presented by: Joe Baskin Manager, Information Security, OCIO JBaskin@nshs.edu Objectives Discuss hot topics in cyber security and database

More information

Security & Privacy Strategies for Expanded Communities. Deven McGraw Partner Manatt, Phelps & Phillips LLP

Security & Privacy Strategies for Expanded Communities. Deven McGraw Partner Manatt, Phelps & Phillips LLP Security & Privacy Strategies for Expanded Communities Deven McGraw Partner Manatt, Phelps & Phillips LLP 1 Key Challenges in Community Data Sharing Patient-mediated data sharing Sharing data with companies

More information

SCDA and SCDA Member Benefits Group

SCDA and SCDA Member Benefits Group SCDA and SCDA Member Benefits Group HIPAA Privacy Policy 1. PURPOSE The purpose of this policy is to protect personal health information (PHI) and other personally identifiable information for all individuals

More information

Remote Access Securing Your Employees Out of the Office

Remote Access Securing Your Employees Out of the Office Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction

More information