i-pad Theft-3 WC Blog 328
Bug Tag-3
Classic N10-3
Don’t Trust In Encryption Alone To Protect Your Mobile Medical Devices; Use The Alpha Bug Tag 2 To Boost Security
I don’t like to cry wolf and I don’t like to unnecessarily scare people. On the flip side of that, I do believe being too nonchalant about some things, like data security on computer devices can lead to harmful situations. Take for instance mobile medical devices, some web sites seem to suggest that encryption protects computing devices from hacking so there is not a lot to be concerned with in terms of protecting patient’s personal information. I will grant you that encryption is a powerful tool, but I would not be confident in it as my only defense should an ipad theft take place in my hospital, clinic or practice. Medical facilities MUST protect all patient data even if it only seems to be harmless on the surface, like an address. There are thieves trying to gain access to patient information be it addresses, credit billing information, names, prescription drug data, etc. They use the information to obtain prescription medications, file fraudulent medical bills with insurers, obtain credit information and so on. Medical providers must do more to protect mobile devices than depend on encryption. One effective method is to physically protect devices with the Alpha Bug Tag 2.
The Bug Tag is an electronic article surveillance (EAS) anti-theft device that works using a radio frequency (rf) signal in concert with an EAS pedestal, such as the Checkpoint Classic N10 unit. It has rounded edges that give it a flush fit with a device such as a tablet computer or i-pad. The design of the tag makes it nearly impossible for a criminal to pry it off of whatever item it is attached to. The built in tamper alarm ensures that even if it were pried off, the tag will sound a 95 decibel squealing alarm alerting employees to an attempted i-pad theft or tablet theft. With Classic N10 pedestals set in place at entrances and exits to a building, any attempt to smuggle a protected item out the door will result in an alarm from the tower. Again, staffs are alerted and can respond to the event and recover the item before a thief gets away.
Why would someone completely trust in encryption to protect their devices? For starters on their iOS security white paper, March 2017, Apple includes the statement on page 10, “iOS has additional encryption and data protection features to safeguard user data even in cases where other parts of the security infrastructure have been compromised…This provides benefits for both users and IT administrators protecting personal and corporate information at all times and providing methods for instant and complete remote wipe in the case of device theft or loss.” https://www.apple.com/business/docs/iOS_Security_Guide.pdf I am not an expert in encryption and I know that the people at Apple are great at what they do. I only point out that one is left with the impression that there is no need to worry should a device be stolen. I would like to suggest that IF a breach were to take place, fines from the Department of Health and Human Services (HHS) can be hefty. On top of the fines that could be levied, there is also the loss of public confidence in the facility where the breach has occurred and that can impact profitability.
Do portable devices get stolen from facilities? According to the hhs.gov website, in 2017 alone there have been four reported thefts or losses of “other portable electronic devices” and four “thefts of laptops” https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf This does not include all the breaches due to paper losses or thefts, network server hackings, unauthorized email disclosures and so on. In one case of theft, “A computer and storage device have been discovered to have been stolen from San Diego-based healthcare provider Sharp Healthcare. The devices were taken from a locked cabinet in an access-controlled patient treatment area of the Sharp Memorial Outpatient Pavilion in Kearney Mesa in San Diego, CA.” (emphasis mine). The article goes on to report that, “750 current and former patients are understood to have been impacted by the incident.” http://www.hipaajournal.com/sharp-healthcare-says-stolen-devices-contained-phi-of-patients-8718/ The story does not indicate the type of storage device or computer and it may or may not have been an i-pad theft but with the increased use of mobile devices in medicine the necessary precautions are the same.
Using the Bug Tag 2 on mobile medical devices and having Classic N10 pedestals installed in doorways is an additional security step you can take to protect your business and clients. Don’t allow i-pad theft or tablet theft to take your reputation or result in astronomical fines.
Get more information on the Bug Tag, contact us or call 1.770.426.0547today.
I don’t like to cry wolf and I don’t like to unnecessarily scare people. On the flip side of that, I do believe being too nonchalant about some things, like data security on computer devices can lead to harmful situations. Take for instance mobile medical devices, some web sites seem to suggest that encryption protects computing devices from hacking so there is not a lot to be concerned with in terms of protecting patient’s personal information. I will grant you that encryption is a powerful tool, but I would not be confident in it as my only defense should an ipad theft take place in my hospital, clinic or practice. Medical facilities MUST protect all patient data even if it only seems to be harmless on the surface, like an address. There are thieves trying to gain access to patient information be it addresses, credit billing information, names, prescription drug data, etc. They use the information to obtain prescription medications, file fraudulent medical bills with insurers, obtain credit information and so on. Medical providers must do more to protect mobile devices than depend on encryption. One effective method is to physically protect devices with the Alpha Bug Tag 2.
The Bug Tag is an electronic article surveillance (EAS) anti-theft device that works using a radio frequency (rf) signal in concert with an EAS pedestal, such as the Checkpoint Classic N10 unit. It has rounded edges that give it a flush fit with a device such as a tablet computer or i-pad. The design of the tag makes it nearly impossible for a criminal to pry it off of whatever item it is attached to. The built in tamper alarm ensures that even if it were pried off, the tag will sound a 95 decibel squealing alarm alerting employees to an attempted i-pad theft or tablet theft. With Classic N10 pedestals set in place at entrances and exits to a building, any attempt to smuggle a protected item out the door will result in an alarm from the tower. Again, staffs are alerted and can respond to the event and recover the item before a thief gets away.
Why would someone completely trust in encryption to protect their devices? For starters on their iOS security white paper, March 2017, Apple includes the statement on page 10, “iOS has additional encryption and data protection features to safeguard user data even in cases where other parts of the security infrastructure have been compromised…This provides benefits for both users and IT administrators protecting personal and corporate information at all times and providing methods for instant and complete remote wipe in the case of device theft or loss.” https://www.apple.com/business/docs/iOS_Security_Guide.pdf I am not an expert in encryption and I know that the people at Apple are great at what they do. I only point out that one is left with the impression that there is no need to worry should a device be stolen. I would like to suggest that IF a breach were to take place, fines from the Department of Health and Human Services (HHS) can be hefty. On top of the fines that could be levied, there is also the loss of public confidence in the facility where the breach has occurred and that can impact profitability.
Do portable devices get stolen from facilities? According to the hhs.gov website, in 2017 alone there have been four reported thefts or losses of “other portable electronic devices” and four “thefts of laptops” https://ocrportal.hhs.gov/ocr/breach/breach_report.jsf This does not include all the breaches due to paper losses or thefts, network server hackings, unauthorized email disclosures and so on. In one case of theft, “A computer and storage device have been discovered to have been stolen from San Diego-based healthcare provider Sharp Healthcare. The devices were taken from a locked cabinet in an access-controlled patient treatment area of the Sharp Memorial Outpatient Pavilion in Kearney Mesa in San Diego, CA.” (emphasis mine). The article goes on to report that, “750 current and former patients are understood to have been impacted by the incident.” http://www.hipaajournal.com/sharp-healthcare-says-stolen-devices-contained-phi-of-patients-8718/ The story does not indicate the type of storage device or computer and it may or may not have been an i-pad theft but with the increased use of mobile devices in medicine the necessary precautions are the same.
Using the Bug Tag 2 on mobile medical devices and having Classic N10 pedestals installed in doorways is an additional security step you can take to protect your business and clients. Don’t allow i-pad theft or tablet theft to take your reputation or result in astronomical fines.
Get more information on the Bug Tag, contact us or call 1.770.426.0547today.