Are you using a mobile device, like an iPad or an Android phone to access any client information?
Wake up the device(s) you are using to interact with clients and store their PHI.
Did you have to enter a passcode?
Unsecured Devices are a HIPAA Violation
If it’s a mobile device, I’m hoping that at the very least you are using a passcode, but if it’s not, immediately access your settings and set up passcode protection. The longer the number, the better the security.
You’ll also want to make sure you can remotely wipe your device in case it is lost or stolen. If it falls in water and gets frizzled (and I’m not saying that has ever happened to me while at a family party on New Year’s Day), you won’t be able to remotely wipe your device but never fear, no one will ever be able to access anything on that device ever again.
Have you considered your computer? Securing access to your personal computer is something that is often overlooked. It’s annoying to have to enter a password every time you want to wake up your computer, but having that password ensures that no one can access PHI. If you share you computer with your family, you can set up each family member as a user, which is sort of like having a separate computer for each person in your family.