in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Smartphones and Medicine: Should Doctors Stop People From Taking Pictures?

The proliferation of smartphones, tablets, and other ultraportable digital devices is, from a data security perspective, a bad thing.  It will inevitably lead to leaks and breaches of data, assuming proper BYOD security is not used -- and, in some cases, even if it is used.

One question that the American Medical News is asking is "should doctors stop patients from taking smartphone pictures?"  This does not imply by the way, that taking pictures using something other than a smarpthone is OK (for example, tablets also have cameras, as well as plain phones.  And cameras can take pictures, of course).

Not HIPAA Violation: Patients Breaching Privacy

As the article points out, a ban on patients taking pictures is a tricky thing:

If picture-taking is left unfettered, patients could feel violated and sense that a practice doesn’t take patient privacy seriously. On the other hand, if patients want to break out the smartphone for a few shots, is a practice just picking a fight by instituting a no-pictures policy?

Plus, as the article points out, one patient violating another patient's privacy is...well, it's not a HIPAA violation.  Nor a violation of any state or federal laws; at least, I don't think there are any.  Yet, "ultimately, practices are duty-bound to do all they can to create an environment that respects patients and their privacy" so some kind of arrangement must be reached.

Some highlights of the article:

  • There is a real risk of pictures of patients being distributed.
  • The key to creating a "no photo zone" means no exceptions.
  • There is a risk of a HIPAA violation: pictures could be distributed that show PHI.
  • Don't give patients access to your WIFI.  If you're providing it, make sure it's separate from what you and your staff use.

Smartphones in the Workplace: Policies Required

When people speak of protecting data in the age of smartphones and tablets, the discussion generally tends to veer towards technological solutions, like mobile antivirus, data compartmentalization, phone tracking, etc.

However, an important component of data security still lies in creating usage policies.  This rather quaint and antiquated exercise is imperative because, among other things, it is (or at least, it should be) an analysis of where you need to secure data and why, and how you will achieve it.


Related Articles and Sites:
http://www.ama-assn.org/amednews/2012/05/21/bica0521.htm

 
<Previous Next>

Data Encryption: Two Of The Six Lasting Legacies Of 2006 VA Data Breach

Drive Encryption Software: Inspiration For 007's "M" Experiences Laptop Theft

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.