Taking Your Laptop Seriously

Taking Your Laptop Seriously!
© Lawrence E. Hedges
It is now estimated that a laptop is stolen somewhere every minute of
every day. Desktop thefts are also prevalent. Most therapists carry
personal as well as professional information stored on their computers—
thus risking identity theft as well as confidentiality violations.
We have a duty to protect confidential information and must treat
our computer notebooks with the same care that we do our wallets and
purses—never turn your back for one second.
Under HIPPA enforcement a health care agency was just fined
$100,000 because of computer thefts of confidential information in offices
and cars. This means that if we carry confidential information that is not
secured we may be in for serious charges of security violation and loss of
licensure. Here are a few considerations:
 Use and transportation of electronically stored data must be
addressed in informed consents along with the unsecured nature
of cell phones, wireless phones, and the internet.
 You must have a security password on all of your electronic storage
devices that cannot be easily guessed. You must also be using
encryption software when sending client data over the internet.
Consider using additional passwords to protect individual files.
 All data must be backed up daily or weekly and stored in a different
location from the computer.
 All computers must have virus and firewall protection and a means
of updating protection periodically.
 Delete confidential files you will not be using from your laptop
before going to a conference or on vacation.
 In public places keep laptop in its carrier with strap over your
shoulder to make robbing it more difficult. It is better to carry your
computer in a bag that does not readily identify what it is.
Taking Your Laptop Seriously! 2 of 2
 Physically lock your laptop with a cable or other security device
whenever you are using it outside of your locked premises.
 Give no one access to your computers or rooms where confidential
information is stored unless they are a HIPPA-trained part of your
clinical operation.
 If you use billing or other software to handle confidential
information contact the software manufacturers regarding what
security precautions they recommend.
 If you use the laptop to administer tests never leave it unattended
or in the hands of a client unattended.
 Simply deleting data does not remove it from your hard drive, you
must have special software to wipe it from the hard drive. You can
purchase such software easily or have your techie install it.
 Use anti-theft software that can track and locate your laptop or
computer through the IP address once the stolen laptop is used to
access the Internet.
 Use invisible ultraviolet markings so that any recovered stolen
laptops will be clearly marked as yours to the police.
 When records are stolen or confidential information is compromised
notify all parties who may be affected, unless there are compelling
reasons not to do so. If you choose not to notify a client, document
your reasons in your records and outline a plan as to when you will
notify that person.
 File a police report if appropriate.
 Consult with your state or national ethics committee to discuss
the matter and learn what additional steps or actions they may
recommend.
 Consult with your malpractice insurer’s risk management
experts for advice and suggestions as well. Document your
entire procedure.
SECURITY IS AN ABSOLUTE MUST—DON’T RISK A VIOLATION!