All public and private healthcare organizations are legally obliged to secure protected health information (PHI). Federal, state, and local regulations require that these organizations take great care in how electronic health records (EHR) are managed and secured.
A properly executed IT Asset Security Strategy will protect your patients, employees, and the reputation of your organization. This document provides an overview of best practices in the management and security of IT assets and the sensitive information they contain. If implemented properly, your healthcare organization can greatly reduce or even eliminate reportable incidents related to endpoint security.
This document includes a checklist of critical steps you should follow in the event a device containing sensitive PHI is missing or stolen. We consider these steps to be best practice and recommend that you follow them regardless of the products or technology you have in place.