Exercise Caution When Accessing Foreign Networks
In a Cisco report on BYOD, 59 percent of respondents who used smartphones to access PHI said the smartphones were not password protected, 53 percent of respondents accessed unsecured or foreign Wi-Fi networks, and 48 percent of respondents could not confirm if they disabled "discovery mode" on their Bluetooth devices and smartphones, which makes these devices extremely vulnerable to a cyber attack. Many health care roundtable participants also reported that it was not uncommon for doctors to email PHI to personal email addresses (a known HIPAA violation) which opens yet another opportunity for access to unencrypted PHI.
IT departments at health care organizations should enforce strict requirements with respect to health care providers accessing PHI via mobile devices.