This document provides simple safeguards to protect your

patient’s data from the risk of being compromised. Take

reasonable and appropriate security measures to mitigate the

losses from costly litigation and reputational damage.

Ponemon Institute Research Report

The investment in a secure network far exceeds the

cost of not implementing a security safeguards.

Securing Your Mobile Devices

Set strong passwords

Encrypt

Use automatic log off

Require a unique user ID

Enable remote wipe

Lock the device

Keep the device with you

Use a screen shield

Refrain from sharing the mobile device

Register the mobile device

Install firewall

Use secure Wi-Fi connection

Research mobile applications

Mobile Device Risks

Lost mobile device

Stolen mobile device

Download virus or malware

Shared mobile device

Unsecured Wi-Fi Network

Mobile Security Safeguards The Risks and Rewards of a Secure Network

The SMLR Group is a full service

cyber security/risk assessment-

consulting firm, specializing

in: Privacy Audits, Standardized

Vendor Compliance Audits

(SVCA), Privacy Policies, Written

Information Security Plans, and

Data Breach Defensible Response

Consultation.

SMLR Group, Inc.

http://www.smlrgroup.com

SOURCE

http://hhs.ogv/ocr/privacyhttp://healthIT.gov/mobiledevices

To report a cyber incident:

https://forms.us-cert.gov/report/ or (888) 282-0870

-20 -10 0 10 20 30

Strong Security Posture

Incident Response Plan

CISO Appointment

Consultants Engaged

Quick Notification

Lost or Stolen Devices

Third Party Error

The Impact Cost of Data Breaches

HIPAA Privacy RuleThe HIPAA Privacy Rule is a set of federal standards to protect

the privacy of patients' medical records and other health

information maintained by covered entities: health plans, which

include many governmental health programs, such as the

Veterans Health Administration, Medicare and Medicaid; most

doctors, hospitals and many other health care providers; and

health care clearinghouses.

These standards provide patients with access to their medical

records and with significant control over how their personal health

information is used and disclosed.

The HIPAA Security Rule establishes national standards for the

security of electronic protected health information. HIPAA

specifies a series of administrative, technical, and physical

security procedures for covered entities to use to assure the

confidentiality of electronic protected health information. The

standards are delineated into either required or addressable

implementation specifications

Five Simple Steps To Secure Mobile Devices

One DECIDE whether mobile device use accesses, receives,

transmits, or stores patient’s health information or is used

as part of your organization’s internal networks or systems

(e.g. HER system).

Two ASSESS. Consider how your organization’s mobile

devices affect threats and vulnerabilities to patient’s health

information.

Three IDENTIFY your organization’s mobile device risk

management strategy, including privacy and security

safeguards.

Four DEVELOP, DOCUMENT AND IMPLEMENT the

organization’s mobile device policies and procedures to

safeguard health information.

Five TRAIN. Conduct mobile device privacy and security

awareness and training for providers and professionals.

The SMLR Group is a full service

cyber security/risk assessment-

consulting firm, specializing

in: Privacy Audits, Standardized

Vendor Compliance Audits

(SVCA), Privacy Policies, Written

Information Security Plans, and

Data Breach Defensible Response

Consultation.

SMLR Group, Inc.

http://www.smlrgroup.com

SOURCE

http://hhs.ogv/ocr/privacyhttp://healthIT.gov/mobiledevices

To report a cyber incident:

https://forms.us-cert.gov/report/ or (888) 282-0870

Mobile Security Safeguards The Risks and Rewards of a Secure Network