Cybersecurity: Secure devices on-the-go

Q. Are you accidentally violating HIPAA with your IT practices?  

A. Most medical professionals understand the importance of HIPAA compliance in clinical care, such as confirming a patient’s identity before providing care or obtaining written consent for sharing information. However, many overlook how everyday technology use could open them up to risk. In home health settings, where care is delivered outside traditional facilities and technology is used on the go, meeting HIPAA requirements becomes even more critical and challenging.  

Even well-meaning health care professionals can unintentionally violate HIPAA when technology isn’t used correctly, especially in mobile care environments. One common risk is using unsecured Wi-Fi networks (such as the patient’s home internet or public hotspots) to access PHI. Another frequent mistake is storing PHI on unsecured devices such as laptops, tablets and smartphones that lack proper encryption or password protection. Additionally, many people overlook the importance of keeping devices and applications up to date. These kinds of oversight often happen during routine tasks and may seem harmless, but they can lead to serious consequences, including data breaches, financial penalties and loss of patient trust. 

To protect patient information and maintain HIPAA compliance, home health providers should take proactive steps such as using VPNs to secure remote connections, enabling encryption on all devices that access PHI and enforcing strong password policies. At scale, a mobile device management (MDM) platform is essential to ensuring these actions are consistently applied, but even in smaller environments it can greatly improve time managing the devices. Providing ongoing cybersecurity training for staff helps raise awareness of potential threats, while implementing automatic software updates ensures systems stay protected against new vulnerabilities. Regular security audits and assessments are also essential for identifying and addressing risks before they lead to breaches. 

Jason Kirkhart is CEO at beetoobi. FMI: www.beetoobi.com.