There is a common theme I’ve noticed while I’ve been researching mHealth over the past few months: a great concern for safety and security. No one wants to download an app, or have their doctor use some kind of technology, if the information could somehow be leaked. A few months ago in Utah, there was a huge security breach where Medicaid and CHIP recipient’s information (birthdays, social security numbers, addresses…you know, all that information no one wants a hacker to have) was stolen. This kind of opened my eyes to how there needs to be security measures in place to make sure things like that don’t happen. While that didn’t have to do with security within mHealth, I feel like similar things could happen with patient information being transmitted within mobile devices.
So is there anything that can be done to protect this information? Well, I think for apps, it starts with the creator making sure there is a secure network. However, apps aren’t the only mobile health devices. There’s USB devices, laptops, and tablets as well. Michelle McNickle, New Media Producer for Healthcare IT News over at mhimss.com, posted 13 tips from ID experts on how to fight mobile device threats:
- Consider USB Locks
- Try geolocation tracking software or services
- Brick the device if it gets stolen or lost
- Encrypt, encrypt, encrypt
- Forget about “sleep” mode
- Recognize that employees will use personal devices
- Use strong safeguards to permit access to PHI through mobile devices
- Educate employees on the importance of safeguarding their mobile devices
- Implement electronic protector health information (EPHI) security
- Work to get ahead of the BYOD upgrade curve
- Have a proactive data management strategy
- Keep in mind transparency and end-user consent opt-in.
- Remember that the mobile Web and “app” landscape is not your father’s Internet
While some of this tips didn’t really pertain to me, overall, I found the list to be very helpful. Awhile back, I downloaded an app on my phone that allows me to “brick the device”, as was mentioned in step three. While the only part of the app I’ve (thankfully) had to use was the feature that sets off a very loud alarm because I couldn’t find it (we’re talking ambulance siren loud), I’m glad I would be able to wipe data if I truly did lose it and didn’t want my personal information stolen. Whether you are a consumer, employer, or a creator of apps or technology, reading through this list is important. More detailed explanations of each of the points can be found here.