Although incredibly convenient, public Wi-Fi is the modern day enemy for doctors. We give you the lowdown on how to avoid putting your patients’ health information at risk.
You’re travelling for work and may use the Wi-Fi service at the airport or hotel to send an email regarding one of your patients. Harmless? Hardly. Although incredibly convenient, security can be an issue. Using public Wi-Fi could not only put your patient’s personal health information at risk but could also result in network hacking and identity theft.
When you’re travelling, data roaming charges can quickly escalate so using free public Wi-Fi makes it a whole lot easier. However, you may need to exercise caution in how you utilise it – whether it is on your laptop, smartphone or tablet.
With so many places offering free Wi-Fi, it’s common to find numerous connection options on your mobile or tablet. This is where you need to be cautious. Most of these public connections are either unsecured or have shared passwords, and by logging on you could be taking a risk of hackers, malware infection or interception of a message that contains protected health information (PHI).
Hackers (or phishers) just need to be in your general vicinity to log on to the same Wi-Fi network and start stealing your information using software downloaded from the internet.
The hacker may be able to identify your device, name, login history, and the version of the operating system you are using. They can gain deep access into whatever you’re doing online and can intercept your passwords, not to mention steal your identity.
Privacy and data security are ongoing issues in digital health, with concerns about who has access to data and how it is shared. Today, more data than ever is collected – and the more interconnected we become, the more risk there is.
Staying safe on public Wi-Fi
From a security perspective, the main idea behind staying safe on public Wi-Fi is to throw up as many barriers as possible to a cyber attacker. Acting along multiple fronts (especially transmission and encryption) is the best avenue to protect PHI and to avoid the consequences associated with sending PHI from a public Wi-Fi system.
Obviously the best way is to never use a public Wi-Fi system. Almost anyone can navigate to your mobile device when it’s on a public Wi-Fi connection, allowing them to open, download and view information.
However, today it’s almost impossible not to use public Wi-Fi, especially when travelling abroad. It’s surprisingly very easy for someone who wants to intercept your data. All they have to do is set up a network called ‘Free Wi-Fi’ or any other variation that includes a nearby venue name, to make you think it is a legitimate source.
Creating a virtual private network (VPN) is one of the best ways to keep your browsing session under wraps. A VPN encrypts traffic between your device and the VPN server, making it much more difficult for an intruder to access your data. If you don’t have a VPN set up through your clinic, there are many VPN services available, including paid and free options. Keep in mind that a VPN might not protect you if there is already spyware on your computer, so make sure you have the latest anti-virus and firewall software installed and running.
Another way to make sure you’re protected is to always check for the lock symbol in your browser to make sure it’s secure. This way, the security features are activated on the website you are using, providing protection.
Keeping your browser and internet-connected devices up to date (including security tools) with the latest versions is essential. If you aren’t using the latest version there are more likely loopholes the hacker can exploit, so they can gain more information. However, it is important that you remember to update any software package at home or on your work network – not over public Wi-Fi. Some public or hotel networks prompt users for software updates, which can result in the user accepting and, as a result, installing dangerous malware on the device.
It’s also good practice to enable two-factor authentication on services such as Gmail, Facebook and Instagram. This means that if anyone is trying to access your password on public Wi-Fi, you have an extra layer of protection. Strong passwords typically have a mix of upper and lowercase letters, numbers and even symbols.
Lastly, once you have finished browsing, make sure you completely log off any services you were signed into and tell your device to forget the network. This way, your phone or laptop won’t automatically connect again to the network if you are in range. When you are near/in these environments, unauthenticated devices could access and transfer data from your device even though you have not initiated the connection.
Of course, if you’ve got banking or online purchasing to do, you are better off using the cellular connection on your smartphone (or connecting to it if you’re trying to work on a laptop or tablet).
In a nutshell, before you log-on to public Wi-Fi, keep in mind that you’re never secure. Ensuring that you have a VPN and protection of passwords, looking for the padlock and checking the network name, are a few very useful practices that could very well save you a lot of stress and financial harm.
The good news is that bigger and more established free Wi-Fi providers are making efforts to minimise security risks, and many coffee shops and hotel chains are signing deals with external firms to keep protected information protected.
Clinicians will continue to use mobile devices to communicate and exchange PHI, because it offers a convenient, user-friendly way to communicate and access health records. However, there is an increasing need to identify and establish administrative, physical and technical safeguards to protect PHI. Don’t be afraid to be connected – just make sure you know what you’re doing.
What is a secure Wi-Fi Network?
A secure Wi-Fi network uses a password and secure encryption methods to send data 
wirelessly between a mobile device and an internet connection point.
A secure Wi-Fi connections uses encryption that helps you keep data safe from interception by a third party when it is being transmitted.
