LifeCare utilizes a “Bring Your Own Device” (BYOD) policy for the therapy team, which includes Employees and Independent Contractors. Business operations, including field and in-home services, require the use of mobile devices and thus increase the risk of unauthorized access to ePHI. While risks vary based on the mobile device and its use, some risks include:

• Lost or stolen device;

• Inadvertently downloading viruses or other malware;

• Unintentional disclosure to unauthorized users;

• Using an unsecured Wi-Fi Network.

To Protect Your Device:

• Participate in and review all Training Materials Provided by LifeCare

• Keep your mobile device with you at all times

• Keep your passwords private

• Use the Mobile Device Security Settings

• Protect/guard your screen during use

• Report ANY potential breach or risk to your PHI (unauthorized use, loss or theft of device)

Always

• Use a password or other user authentication.

• Install and enable encryption.

• Install and activate wiping and/or remote disabling.

• Disable and do not install file-sharing applications.

• Install and enable a firewall.

• Install and enable security software. Keep security software up to date.

• Research mobile applications (apps) before downloading.

• Maintain physical control of your mobile device.

• Use adequate security when sending or receiving health information.

• Delete all stored health information before discarding or reusing the mobile device

Never

• Share your mobile device password or user authentication

• Allow the use of your mobile device by unauthorized users

• Store or send unencrypted health information with your mobile device

• Ignore mobile device security software updates

• Download applications (apps) without verifying they are from a trusted source

• Leave your mobile device unattended

• Use an unsecured Wi---Fi network

• Discard your mobile device without first deleting all stored information

• Ignore LifeCare mobile device policies and procedures