• E-mail
• Print
• RSS

Beware of patient/visitor technology at your facility

Nurse Leader Weekly, August 14, 2006

Want to receive articles like this one in your inbox? Subscribe to Nurse Leader Weekly!

Parents use laptop computers to look up their child's condition, giving them valuable information that will assist their treatment decisions.

New mothers snap pictures of their babies with a camera phone to send to relatives who aren't able to visit.

Visitors use small flash drives to bring in work, allowing them to visit loved ones without falling behind at their jobs.

However, each beneficial patient/visitor use of these technologies has a harmful counterpart. For example, a visitor might hack into your clinical wireless network with a laptop, surreptitiously snap pictures of patients or computer screens with a camera phone, or quickly download electronic protected health information (ePHI) from an unattended workstation onto a small flash drive.

Go back to basics

It's probably impossible (and of questionable value) to collect patients' and visitors' devices at the door. Instead, take reasonable measures to mitigate the risks that these devices pose. Kate Borten, president of The Marblehead Group in Marblehead, MA, and Bill Miaoulis, principal at Phoenix Health Systems in Montgomery Village, MD, offer the following advice to deal with patient/visitor technology risks:

1. Camera phones. These gadgets are increasingly the norm for cell phones, opening up the danger that a camera-phone user will snap a picture of someone in your facility or of data on a computer monitor-and you might never know.

   Prohibit camera phone picture-taking by employees, Miaoulis says. He also suggests posting signs to remind patients and visitors that unauthorized camera use is not permitted-including taking pictures with a camera phone. Work force training can also address this threat.

2. Wireless devices. These can include Internet-enabled cell phones and laptops that might allow a user to access your clinical network. You may already regulate wireless devices out of concern that they will interfere with clinical devices; however, this practice is falling out of favor. Borten says that wireless devices and hotspots in your facility can create two types of threats:
   • Users seeking free Internet access through your network
   • Users seeking unauthorized access to your data for malicious reasons

Both can be a threat. Innocent users may download movies or programs that use up your network capacity and are harmful, and malicious users are a threat by definition. Guard against this by establishing a secure wireless network.

Editor's note: This excerpt was adapted from Briefings on HIPAA, August 2006, HCPro, Inc.

Want to receive articles like this one in your inbox? Subscribe to Nurse Leader Weekly!

• E-mail to a Colleague
• Print
• RSS
• Archive