* 1. What are the major components of your organization's mobile device security policy?

* 2. If your organization allows employees and physicians to use personally owned mobile devices for hospital work and patient record access, does it

* 3. Specify whether your hospital/health organization currently applies encryption for

* 4. How does your organization address security for physicians and other clinicians who have remote access to clinical systems?

* 5. To guard against inappropriate access to electronic health records, what type of authentication does your organization require for remote users to gain while they are on the job at one of your facilities?

* 6. How does your healthcare organization track wo accesses protected health information and/or patient records?