We know that one of your biggest concerns right now is staff working remotely, and in making sure they’re being safe and secure. Luckily, VPNs are a low-cost and easy way to help solve this problem.
VPN stands for “Virtual Private Network”. VPNs work by signing up for a VPN service and then installing that service’s app on all devices which need to use the Internet. Your people can use a VPN on their smartphones, computers, tablets, and anything else computery.
Typical VPN services will charge $3-$6/mo per person, and will then be usable on multiple devices for each person. You don’t need a separate VPN account for every device!
Why is this useful?
A big piece of your BYOD (Bring Your Own Device) program is a requirement that all staff members only use known and trusted WiFi services. Since the COVID-19 emergency started, the need for this level of caution has only increased. Malicious hacker types have been taking advantage of the work-from-home boom by actively building new kinds of malware and phishing scams.
While VPNs can’t help with the phishing scams (but training can!), they will provide network protection to the devices they are installed on. This protection is quite reliable. In fact, when a team member uses a VPN on their smartphones, computers, etc., our template BYOD policy allows them to use that device with any WiFi or other Internet connection they wish. Yes, even at Starbucks.
Here are some things we recommend for setting up VPNs with your team:
- Make sure your chosen VPN service offers a “dead man switch.” This is a feature where the VPN will shut off a device’s Internet connection if the VPN goes offline for some reason. Without this feature turned on, it is pretty easy to lose the advantage of a VPN.
- Our template BYOD policy allows for team members to use their own, personal VPN service. However, a team-based VPN service can help you get information about who is using the VPN. That allows you to confirm, with documentation, that your team members are using the tool.
- In our analysis, which has been backed up by several expert colleagues, you do not need a HIPAA Business Associate Agreement with your VPN service provider. VPNs are conduits by nature.
*For group practices, we like TunnelBear. They have a team account tier and a good reputation. FYI, their dead man switch feature is called “vigilant bear.”
You May Also Like:
Remote Office HIPAA Security Module
Keep your practice HIPAA-safe even when your team works remotely.
This bundle includes the Registration Form and Policy Insert you need to keep your practice HIPAA-safe when your team works from home as well as the training to equip your staff to adhere to your policies.