In the article “How to Keep Unwanted Eyes From Spying on Your Security Cameras” dated September 16, 2019, Ms. Rachel Cericola mentioned stories about families hearing voices and threats coming from their home’s security devices.
This incident is not uncommon as the news has discussed this topic and even shown actual videos of hackers accessing security cameras. Even doorbell cameras are not safe, and many users have been victims of unauthorized use and access. Voice assistants such as Alexa and others also pose some degree of security threat as the device is enabled to record and listen to all conversations on an ongoing basis.
While convenient at times, allowing others to access the device enables hackers to listen to private conversations and even install additional applications on the device without the owners knowing about it.
Interesting that, under HIPAA Security, Physical Safeguards, the topics of Facility Access, Device and Media Controls, Workstation Use, and Workstation Security covers the potential of these security breaches. However, we usually do not adopt that to our daily life activities.
Perhaps it is time to look at HIPAA Security in a different light and consider that this time “Big Brother’s” requirements are not another tedious law to follow but activities we can use to protect ourselves at home and work.
So, what are the basics of the Physical Safeguard?
Facility access. Limit physical access to the electronic information systems and the facility. While ensuring that properly authorized access is allowed.
- Make sure that unauthorized individuals do not gain access to your electronic devices, including your facility’s physical security.
Device and Media Controls. This Standard covers the proper handling of electronic media, including receipt, removal, backup, storage, reuse, disposal, and accountability.
- Control your devices and ensure that the information within is protected, especially if the devices are removed from your custody.
Workstation Use. Refers to policies and procedures designed to limit the use of any workstation or device for authorized individuals only.
- Do not allow anyone to use any workstation without approval.
Workstation Security. Highlights restriction of information access to authorized users.
- Monitors must be positioned at a suitable angle to avoid inadvertent access to ePHI by unauthorized individuals.
Just be safe and remember that your security is not assumed or granted unless you put some effort to make it so.