Managing Health Care Data Breaches With a Response Plan
Organizations’ zeal for harnessing the usefulness of mobile devices like smartphones, tablets and thumb drives can sometimes overshadow these devices’ attendant risks. Mobile devices increase productivity, but losing just one that contains protected health information (PHI) can cause a costly data breach. A proper response plan can prevent a slip-up from becoming a disaster.
A response plan allows an organization’s IT team to reduce the amount of time between initial discovery of a data breach and identification of what PHI was compromised. The IT team should ascertain whether the missing device had any applications open which would allow an unauthorized user to gain access to secure information. Remotely deactivate any mobile device when first learning it has been compromised to prevent unauthorized access. The faster you can respond, the faster you can resolve your data breach.
Here are some helpful resources for more information:
Please note that these are external websites, ECBM does not endorse the statements made on these sites nor are they representative of ECBM's core principals.
HHS.gov- Emergency Preparedness Planning and Response
Be Prepared: Creating a Health Data Breach Response Plan