When a healthcare provider suffers a data breach, it can cause serious damage to the patient as well as to the provider and many other players. A provider must do its part in protecting PHI and can be held responsible if the proper safety controls are not put in place on its network and computer systems. With an increasing need to share data with patients and third parties, protecting the data at rest as well as in motion is becoming more and more difficult. By following the 10 best practices below, you reduce your exposure while moving closer to a more HIPAA-compliant environment:
- Establish a Secure Environment
- Protect Mobile Devices
- Run ONLY Required Applications on Endpoints
- Use a Firewall
- Use Virus/Malware Protection
- Implement a Disaster Recovery Plan
- Use Access Control
- Implement a STRONG Password Policy
- Limit Access to the Computer Network
- Control Physical Access to your Facility