The Health Sector Cybersecurity Coordination Center released a brief March 23 on how healthcare organizations can ensure mobile device security.
Six recommendations from the HHS on mobile device security:
- Healthcare organizations should consider physical security, configuration management, data backups and cloud storage of mobile devices.
- Healthcare organizations should be cautious about what networks they are connecting mobile devices to.
- Make sure all devices and all apps are updated as soon as possible.
- All devices should have required passwords.
- Make sure devices have encryptions as HIPAA requires any device that stores or processes any of the 18 categories of personal health information to be encrypted.
- All mobile devices should include a remote wiping capability.