Why is my practice’s WiFi a risk?
If you offer patients a WiFi network to access when they are in your office waiting room, your practice is liable for any criminal activity that transpires. Since nothing on the internet is really secret, this is a serious concern.
Acceptable use policies are seldom read and even more seldom followed. Your acceptable use policy cannot effectively limit your office’s liability. If someone uses your WiFi network for criminal activity, and the activity is tracked, your practice is on the hook.
Let’s say that your practice is located a few feet away from a popular restaurant, and that restaurant patrons can access your WiFi network while they’re dining. It’s no stretch to think that all sorts of illicit traffic could cross your practice WiFi network just because it’s available to anyone looking for an internet conduit.
Internet traffic is typically logged, and illegal activity can be traced back to your practice WiFi network. You may think this a far-fetched scenario, but it does happen. When law enforcement officers show up at your front desk with a subpoena in hand, your office must quickly deal with a mammoth legal difficulty.
Securing your WiFi network with a password isn’t a sure way to prevent this sort of thing, especially if the password is often freely available to anyone who walks through your waiting room.
For the past several years, we’ve consistently advised client practice to discontinue provision of a guest WiFi network. The risks involved go far beyond patients finding a back door to steal your protected health information (PHI). None of us are immune to the darker aspects of internet traffic.
Need more Compliance Help?
Smart Training is the market leader in helping practices reach HIPAA and OSHA compliance. We provide the knowledge, training, and documents needed for your practice to reach regulatory compliance. Request a demo here to speak with one of our Compliance Advisers.