The views, information, and opinions expressed by guest speakers during conferences and masterclasses are solely those of the speaker and do not necessarily represent those of Bilinguistics and its employees.

Josiah Dykstra, Ph.D. is the owner of Designer Security, a consulting business devoted to the cybersecurity needs in healthcare. Over the past 22 years, he has worked as a practitioner, researcher, and leader in cybersecurity for government and industry. He is a frequent speaker, the author of numerous research publications and three books including Cybersecurity Myths & Misconceptions.

Financial: Dr. Josiah Dykstra is receiving an honorarium for this presentation.

Non-financial – He is one the Cyber Advisory Board for Bowie State University.

Smartphones have become essential tools for modern speech-language pathologists, frequently used for tasks ranging from patient scheduling to accessing electronic records. However, this connectivity introduces significant vulnerabilities to legal compliance, patient privacy, and practice reputation. This presentation examines the real-world impact of mobile threats, noting that while accidental loss is statistically more likely than theft, both events can lead to severe data breaches. By exploring digital forensics, the course reveals the extensive “digital crumbs” left behind on devices such as recoverable photos, location history, and cached messages that can expose Protected Health Information (PHI) if a device is compromised.

The session contextualizes these risks within the framework of the HIPAA Security Rule regarding risk management, access control, and encryption. Attendees will review case studies illustrating the financial penalties associated with unencrypted device loss to understand the high stakes of mobile insecurity. Moving from theory to practice, the course outlines “Seven Steps to Safer Smartphones,” a hands-on guide to configuring essential security settings on iOS and Android devices. Participants will learn to apply specific safeguards including strong authentication, automatic logoffs, password managers, and remote wipe capabilities, ensuring they are taking reasonable steps to secure their business and patients.

Participants will be able to:
• Explain potential threats to business operations, reputation, patient privacy, and protected health information from insecure smartphones.
• List the sensitive data stored on — and potentially recoverable from — a lost, stolen, or hacked smartphone.
• Demonstrate how to change settings to improve security and privacy of mobile devices.
• Apply HIPAA Security Rule standards to mobile device configurations to ensure regulatory compliance and avoid financial penalties.

Time-Ordered Agenda
10 minutes: Introductions and disclosures
10 minutes – Smartphones in practice: usage trends and scenarios
10 minutes – The threat landscape: theft, loss, and regulatory impact
10 minutes – Digital Forensics: what can be recovered from a device?
25 minutes – 7 best-practices to securing mobile devices
05 minutes – Beyond the device: app permissions and network risks
05 minutes – Closing
15 minutes – Moderated question and answer session