Wireless security is always a hot topic when you look at using it in healthcare. There are some best practices that should always be implemented:
- Hide the SSID
- Restrict access by MAC address to only your machines
- Create a public network and a private network so patients/clients have access to the internet without access to your private network
- Encrypt the data going across the wire
- Use WEP or some sort of VPN technology to encrypt all wireless communication (e.g., passwords that may be the same as your EMR)
I’m sure there are a few more things, but I’ll add those as I get them. This implementation will give you a good start, and I believe that, when well documented, it will satisfy HIPAA Security Rule compliance quite well. Personally, I recommend not using WEP for protection; I much prefer using a secure, password-protected VPN technology to encrypt the data. I personally use L2TP technology to encrypt the data and provide a secure VPN connection on the wireless.
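The checklist above can be checked automatically against an access point's configuration. The following is an added example, not part of the original post: it assumes the access point runs hostapd (the post names no product), uses constructed SSIDs, paths and bridge names, and treats "separate public and private networks" as "each BSS sits on its own bridge".

```python
# Constructed sample hostapd.conf: a private BSS and a guest BSS on one radio.
SAMPLE_CONF = """\
interface=wlan0
ssid=clinic-private
ignore_broadcast_ssid=1
macaddr_acl=1
accept_mac_file=/etc/hostapd/clinic.accept
wep_key0=0123456789
bridge=br-private
bss=wlan0_guest
ssid=clinic-guest
bridge=br-private
"""

def parse_bss(conf_text):
    """Split hostapd.conf text into one {key: value} dict per BSS."""
    sections = [{}]
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)
        if key == "bss":  # "bss=" starts an additional BSS on the same radio
            sections.append({})
        sections[-1][key] = value
    return sections

def audit(conf_text, private_ssid):
    """Return checklist findings; an empty list means every check passed."""
    sections = parse_bss(conf_text)
    private = next((s for s in sections if s.get("ssid") == private_ssid), None)
    if private is None:
        return [f"private SSID {private_ssid!r} not found"]
    findings = []
    if private.get("ignore_broadcast_ssid", "0") == "0":
        findings.append("private SSID is broadcast")
    if private.get("macaddr_acl") != "1" or "accept_mac_file" not in private:
        findings.append("private BSS has no MAC allow-list")
    if not any(k.startswith("wep_key") for k in private):
        findings.append("private BSS has no WEP key; traffic needs the VPN")
    bridge = private.get("bridge")
    for other in sections:
        # Assumption: guest/private separation is modelled as separate bridges.
        if other is not private and bridge and other.get("bridge") == bridge:
            findings.append(f"{other.get('ssid')} shares bridge {bridge} with private")
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF, "clinic-private"))
```

On the sample, the only finding is that the guest BSS is bridged onto the private network. The VPN requirement itself cannot be verified from the access point configuration and has to be checked on the VPN gateway.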