The Healthcare Industry’s Guide to Keeping Information Safe & Secure When You Are Mobile

All healthcare organizations have valuable information belonging to the patient and organization. Organizations must take proactive measures with people, processes, and technology to keep information safe and secure.

This infographic, created by HIMSS and the National Cyber Security Alliance, provides healthcare organizations and their workforce members with practical tips on how to safeguard information.

Why Do We Need Mobile Device Security?



Mobile device security is required by HIPAA to safeguard patient information. 1

Lost or stolen mobile devices are a growing problem. 2

Breaches hurt organizational goodwill and may result in penalties. 3



What Can Healthcare Organizations Do?4



Regularly and thoroughly assess and manage risks.

Use data loss prevention technology.

Encrypt data in transit and at rest.

Implement administrative policies and procedures.



What Can Workforce Members Do?5



Be in compliance with policies, procedures, laws, and regulations.

Always physically safeguard your computer/device. Never leave it unattended.

Always use current software, do not disable or circumvent protective software, and enable security features and functions.

Use a password or passcode to lock your device when not in use.



Keep passwords safe so others can't access them.

Never use open/public wireless networks. Use your own mobile hotspot.

Don’t catch that phish. Ignore unusual attachments, links, and messages.

Use secure communications solutions—not regular text messaging or videoconferencing.








1 See
2 See
3 See, e.g.,
4 For information on how healthcare organizations are protecting information, please see the latest HIMSS Security Survey at
5 For more tips, please see