I would be very comfortable saying that most, if not all of your employees and patients have cell phones. Do you have cell phones on your network? I am going to say “yes”, you do. So what’s the problem? Security of course! The more people become dependent and rely on their cell phones, the more attractive they become to thieves and hackers. The good news is that protecting yourself against nefarious types doesn’t really require the level of paranoia that maintaining your PC or server might. That’s not to say you’re totally safe. Android phones seem to be susceptible to malware. The reason for this is the openness of the platform and Google’s Android market. Even Google has admitted that 90% of Android users are running older versions of the mobile operating system and that contain serious vulnerabilities. With this, attackers can easily bypass the Android’s security sandbox, which is supposed to limit the data an resources each app is allowed to access.
Aside from the malware and viruses that you phone can attract, it can also cause problems with your network. The HIPAA law states you need to protect your health information. If someone has their phone on your wireless network, that device is unprotected, and can clog up your network with large amounts of streaming, taking up DHCP licenses, and downloading ePHI. Let’s keep on mind the email that is on a cell phone. Are you absolutely sure that your staff is not emailing back and forth with patients?
The best thing for an IT department to do is prohibit the use of cell phones connecting to your wireless network. Same with personal laptops. Policies need to be created to the usage of these devices, and they need to be enforced. The best thing for an employee to do is to practice good habits. The best mobile safety tool is skepticism. If you click a link you received via e-mail or SMS, and it takes you to a site that asks you to log in to your banking or any other account, don’t do it. Just like you wouldn’t on your PC. You want to be vigilant with all of your mobile and computer devices. Just like you would at home, or in the office.
