How do you handle your employees who work from home? In large cities like Los Angeles, Atlanta, and Washington, D.C., working from home tends to be the norm rather than hustling through traffic and sitting in an office doing the exact same thing you can do from home.
Employees who work from home could be your worst headache, or your most productive employees. Remote workers need secure connections, a full understanding of HIPAA, goals, guidelines, schedules and the ability to be reached in a moments notice. They need to always be available to their coworkers and management staff.
What does it take to work from home?
The first thing is a good internet connection, and a secure way of accessing company systems and resources. The last thing you want is them working independently of your systems, and downloading patient information to their computers. Even if they are company owned computers, having ePHI on them could prove to be very risky. Most companies who provide computers to employees who work from home end up providing laptops. This is actually a great idea since it allows the employee to bring the laptop in for periodic security reviews. The bad part is they are susceptible to being stolen. A great way to avoid a HIPAA breach is to make sure any laptop or computer being handed out to employees who work from home should have the following:
- Some sort of agent to update software and push out patches
- tracking software if you feel it necessary
- some sort of access requirements, e.g. finger swipe, swipe pattern, passwords, etc.
- The network administrator should have the ability to wipe the device clean remotely.
- Antivirus/antispyware software
- Minimal permission rights on the computer. You don’t want to allow them to install software.
- A HIPAA policy that they can easily understand, and are made aware of when accepting the remote position.
- An HR policy for using company equipment.
Having employees who work from home is similar to the BYOD (Bring your own device) policy some companies have. It is seen as a cost savings, and a perk to employees. Just keep in mind that a breach of could easily wipe away all of that savings, and cause you numerous headaches.
Lastly, there is a measure of trust with employees who work from home. Even though you trust them, does not mean you can’t check on them once i a while. Make sure you communicate, and keep them in the loop of all the latest HIPAA regulations, and security information. You won’t regret it.