Don’t skimp on HIPAA training, or you could pay the price.
Home care providers are more vulnerable to laptop and mobile device theft than almost anyone else, so they should be doubly sure to protect themselves against the problem.
Health insurer AvMed Inc. recently agreed to pay $3 million in a lawsuit involving laptop theft (see related story, this page). In addition to the hefty payout, AvMed agreed to implement the following actions. These are excellent steps that you should also implement to minimize your risk of a costly data breach, advised attorney Elizabeth F. Hodge with Akerman in Tampa, Fla.:
1. Provide mandatory security awareness and training programs for all employees;
2. Provide mandatory training on appropriate laptop use and security for all employees whose employment responsibilities include accessing information stored on company laptop computers;
3. Upgrade all laptop computers with additional security mechanisms, including GPS tracking technology;
4. Implement new password protocols and full disk encryption technology on all company desktops and laptops so that electronic data stored on those devices is encrypted at-rest;
5. Upgrade your physical security at company facilities and offices to further safeguard workstations from theft; and
6. Review and revise written policies and procedures to enhance information security.